From 661f49409e69f5cfafbef4cd41411a72ebc5418d Mon Sep 17 00:00:00 2001 From: Chris Lovering Date: Sun, 13 Aug 2023 20:01:42 +0100 Subject: Copy all files from kubernetes repo into this one MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit is a like-for-like copy of the [kubernetes repo](https://github.com/python-discord/kubernetes) check that repo for comit history prioir to this commit. Co-authored-by: Amrou Bellalouna Co-authored-by: Bradley Reynolds Co-authored-by: Chris Co-authored-by: Chris Lovering Co-authored-by: ChrisJL Co-authored-by: Den4200 Co-authored-by: GDWR Co-authored-by: Hassan Abouelela Co-authored-by: Hassan Abouelela Co-authored-by: jchristgit Co-authored-by: Joe Banks <20439493+jb3@users.noreply.github.com> Co-authored-by: Joe Banks Co-authored-by: Joe Banks Co-authored-by: Johannes Christ Co-authored-by: Kieran Siek Co-authored-by: kosayoda Co-authored-by: ks129 <45097959+ks129@users.noreply.github.com> Co-authored-by: Leon Sand├©y Co-authored-by: Leon Sand├©y Co-authored-by: MarkKoz Co-authored-by: Matteo Bertucci Co-authored-by: Sebastiaan Zeeff <33516116+SebastiaanZ@users.noreply.github.com> Co-authored-by: Sebastiaan Zeeff Co-authored-by: vcokltfre --- .../namespaces/cert-manager/cert-manager/README.md | 13 +++++++++++++ .../cert-manager/certificates/pythondiscord.com.yaml | 12 ++++++++++++ .../cert-manager/issuers/letsencrypt-prod.yaml | 18 ++++++++++++++++++ .../cert-manager/issuers/letsencrypt-staging.yaml | 18 ++++++++++++++++++ .../namespaces/cert-manager/cert-manager/values.yaml | 1 + 5 files changed, 62 insertions(+) create mode 100644 kubernetes/namespaces/cert-manager/cert-manager/README.md create mode 100644 kubernetes/namespaces/cert-manager/cert-manager/certificates/pythondiscord.com.yaml create mode 100644 kubernetes/namespaces/cert-manager/cert-manager/issuers/letsencrypt-prod.yaml create mode 100644 kubernetes/namespaces/cert-manager/cert-manager/issuers/letsencrypt-staging.yaml create mode 100644 kubernetes/namespaces/cert-manager/cert-manager/values.yaml (limited to 'kubernetes/namespaces/cert-manager') diff --git a/kubernetes/namespaces/cert-manager/cert-manager/README.md b/kubernetes/namespaces/cert-manager/cert-manager/README.md new file mode 100644 index 0000000..a7389e6 --- /dev/null +++ b/kubernetes/namespaces/cert-manager/cert-manager/README.md @@ -0,0 +1,13 @@ +# cert-manager + +X.509 certificate management for Kubernetes. + +> cert-manager builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide to developers 'certificates as a service' in your Kubernetes cluster. + +We install cert-mamnanger through [Helm using this guide](https://cert-manager.io/docs/installation/kubernetes/#installing-with-helm). + +## Directories + +`issuers`: Contains configured issuers, right now only letsencrypt production & staging. + +`certificates`: Contains TLS certificates that should be provisioned and where they should be stored. diff --git a/kubernetes/namespaces/cert-manager/cert-manager/certificates/pythondiscord.com.yaml b/kubernetes/namespaces/cert-manager/cert-manager/certificates/pythondiscord.com.yaml new file mode 100644 index 0000000..94bd7dc --- /dev/null +++ b/kubernetes/namespaces/cert-manager/cert-manager/certificates/pythondiscord.com.yaml @@ -0,0 +1,12 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: pythondiscord-com +spec: + secretName: pythondiscord.com-tls + dnsNames: + - pythondiscord.com + - '*.pythondiscord.com' + issuerRef: + name: letsencrypt + kind: ClusterIssuer diff --git a/kubernetes/namespaces/cert-manager/cert-manager/issuers/letsencrypt-prod.yaml b/kubernetes/namespaces/cert-manager/cert-manager/issuers/letsencrypt-prod.yaml new file mode 100644 index 0000000..4321377 --- /dev/null +++ b/kubernetes/namespaces/cert-manager/cert-manager/issuers/letsencrypt-prod.yaml @@ -0,0 +1,18 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt + namespace: cert-manager +spec: + acme: + email: letsencrypt@pythondiscord.com + server: https://acme-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: letsencrypt-account-key + solvers: + - dns01: + cloudflare: + email: cloudflare@pydis.com + apiTokenSecretRef: + name: cloudflare-credentials + key: cloudflare-api-key diff --git a/kubernetes/namespaces/cert-manager/cert-manager/issuers/letsencrypt-staging.yaml b/kubernetes/namespaces/cert-manager/cert-manager/issuers/letsencrypt-staging.yaml new file mode 100644 index 0000000..e9fdfc7 --- /dev/null +++ b/kubernetes/namespaces/cert-manager/cert-manager/issuers/letsencrypt-staging.yaml @@ -0,0 +1,18 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-staging + namespace: cert-manager +spec: + acme: + email: letsencrypt@pythondiscord.com + server: https://acme-staging-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: letsencrypt-staging-account-key + solvers: + - dns01: + cloudflare: + email: cloudflare@pydis.com + apiTokenSecretRef: + name: cloudflare-credentials + key: cloudflare-api-key diff --git a/kubernetes/namespaces/cert-manager/cert-manager/values.yaml b/kubernetes/namespaces/cert-manager/cert-manager/values.yaml new file mode 100644 index 0000000..1b4551c --- /dev/null +++ b/kubernetes/namespaces/cert-manager/cert-manager/values.yaml @@ -0,0 +1 @@ +installCRDs: true -- cgit v1.2.3