ocelot-Social-Community/Ocelot-Social
1
0
Fork 0
mirror of https://github.com/Ocelot-Social-Community/Ocelot-Social.git synced 2025-12-13 07:46:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rename back letsencrypt-XXX ClusterIssuer and files

Browse Source
This commit is contained in:
Wolfgang Huß 2020-12-13 17:07:51 +01:00
parent ea93fbb65a
commit be62c7d284
6 changed files with 15 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
deployment/digital-ocean/https/README.md
View File

@ -3,7 +3,7 @@
{% tabs %} {% tabs %}
{% tab title="Helm 3" %} {% tab title="Helm 3" %}
Follow [this quick start guide](https://cert-manager.io/docs/installation/kubernetes/) and install certmanager via Helm 3: Follow [this quick start guide](https://cert-manager.io/next-docs/installation/kubernetes/) and install certmanager via Helm 3:
## … Via Kubernetes Directly ## … Via Kubernetes Directly
@ -74,7 +74,7 @@ $ kubectl describe -n ocelot-social certificate tls
$ kubectl describe -n ocelot-social secret tls $ kubectl describe -n ocelot-social secret tls
``` ```
If everything looks good, update the issuer of your ingress. Change the annotation `certmanager.k8s.io/issuer` from `letsencrypt-testing` (in the cert-manager docs named `letsencrypt-staging`) to `letsencrypt-production` in your ingress configuration in `ingress.yaml`. If everything looks good, update the issuer of your ingress. Change the annotation `cert-manager.io/issuer` from `letsencrypt-staging` (for testing without getting a real certificate) to `letsencrypt-prod` (for production) in your ingress configuration in `ingress.yaml`.
```bash ```bash
# in folder deployment/digital-ocean/https/ # in folder deployment/digital-ocean/https/

4
deployment/digital-ocean/https/templates/ingress.template.yaml
View File

@ -5,8 +5,8 @@ metadata:
namespace: ocelot-social namespace: ocelot-social
annotations: annotations:
kubernetes.io/ingress.class: "nginx" kubernetes.io/ingress.class: "nginx"
certmanager.k8s.io/issuer: "letsencrypt-testing" cert-manager.io/issuer: "letsencrypt-staging"
certmanager.k8s.io/acme-challenge-type: http01 # DEPRECATED certmanager.k8s.io/acme-challenge-type: http01
nginx.ingress.kubernetes.io/proxy-body-size: 6m nginx.ingress.kubernetes.io/proxy-body-size: 6m
spec: spec:
rules: rules:

12
deployment/digital-ocean/https/templates/issuer.template.yaml
View File

@ -1,9 +1,9 @@
--- ---
# used while installation as first setup for testing purposes, recognize 'server: https://acme-staging-v02…' # used while installation as first setup for testing purposes, recognize 'server: https://acme-staging-v02…'
apiVersion: certmanager.k8s.io/v1alpha1 apiVersion: certmanager.k8s.io/v1
kind: Issuer kind: Issuer
metadata: metadata:
name: letsencrypt-testing name: letsencrypt-staging
namespace: ocelot-social namespace: ocelot-social
spec: spec:
acme: acme:
@ -13,15 +13,15 @@
email: user@example.com email: user@example.com
# Name of a secret used to store the ACME account private key # Name of a secret used to store the ACME account private key
privateKeySecretRef: privateKeySecretRef:
name: letsencrypt-testing name: letsencrypt-staging
# Enable the HTTP-01 challenge provider # Enable the HTTP-01 challenge provider
http01: {} http01: {}
--- ---
# used after installation for production, recognize 'server: https://acme-v02…' # used after installation for production, recognize 'server: https://acme-v02…'
apiVersion: certmanager.k8s.io/v1alpha1 apiVersion: certmanager.k8s.io/v1
kind: Issuer kind: Issuer
metadata: metadata:
name: letsencrypt-production name: letsencrypt-prod
namespace: ocelot-social namespace: ocelot-social
spec: spec:
acme: acme:
@ -31,6 +31,6 @@
email: user@example.com email: user@example.com
# Name of a secret used to store the ACME account private key # Name of a secret used to store the ACME account private key
privateKeySecretRef: privateKeySecretRef:
name: letsencrypt-production name: letsencrypt-prod
# Enable the HTTP-01 challenge provider # Enable the HTTP-01 challenge provider
http01: {} http01: {}

4
deployment/helm/ocelot.social/templates/cluster-issuers/letsencrypt-production.yaml → deployment/helm/ocelot.social/templates/cluster-issuers/letsencrypt-prod.yaml
View File

@ -1,7 +1,7 @@
apiVersion: cert-manager.io/v1alpha2 apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer kind: ClusterIssuer
metadata: metadata:
name: letsencrypt-production name: letsencrypt-prod
labels: labels:
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/managed-by: {{ .Release.Service }}
@ -13,7 +13,7 @@ spec:
server: https://acme-v02.api.letsencrypt.org/directory server: https://acme-v02.api.letsencrypt.org/directory
email: {{ .Values.supportEmail }} email: {{ .Values.supportEmail }}
privateKeySecretRef: privateKeySecretRef:
name: letsencrypt-production name: letsencrypt-prod
solvers: solvers:
- http01: - http01:
ingress: ingress:

4
deployment/helm/ocelot.social/templates/cluster-issuers/letsencrypt-testing.yaml → deployment/helm/ocelot.social/templates/cluster-issuers/letsencrypt-staging.yaml
View File

@ -1,7 +1,7 @@
apiVersion: cert-manager.io/v1alpha2 apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer kind: ClusterIssuer
metadata: metadata:
name: letsencrypt-testing name: letsencrypt-staging
labels: labels:
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/managed-by: {{ .Release.Service }}
@ -13,7 +13,7 @@ spec:
server: https://acme-staging-v02.api.letsencrypt.org/directory server: https://acme-staging-v02.api.letsencrypt.org/directory
email: {{ .Values.supportEmail }} email: {{ .Values.supportEmail }}
privateKeySecretRef: privateKeySecretRef:
name: letsencrypt-testing name: letsencrypt-staging
solvers: solvers:
- http01: - http01:
ingress: ingress:

2
deployment/helm/ocelot.social/values.yaml
View File

@ -19,7 +19,7 @@ image:
# pullPolicy indicates when, if ever, pods pull a new image from docker hub. # pullPolicy indicates when, if ever, pods pull a new image from docker hub.
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
# letsencryptIssuer is used by cert-manager to set up certificates with the given provider. # letsencryptIssuer is used by cert-manager to set up certificates with the given provider.
letsencryptIssuer: "letsencrypt-production" letsencryptIssuer: "letsencrypt-prod"
# neo4jConfig changes any default neo4j config/adds it. # neo4jConfig changes any default neo4j config/adds it.
neo4jConfig: neo4jConfig:
# acceptLicenseAgreement is used to agree to the license agreement for neo4j's enterprise edition. # acceptLicenseAgreement is used to agree to the license agreement for neo4j's enterprise edition.