workignn on getting cert manager up to snuff

2025-01-13 22:23:24 -07:00
parent 1458dfe23b
commit 92b2bb78c0
7 changed files with 99 additions and 24 deletions
--- a/kubernetes/cloudflare-issuer/Readme.md
+++ b/kubernetes/cloudflare-issuer/Readme.md
@@ -0,0 +1,22 @@
+## Cloudflare cert manager
+
+<https://cert-manager.io/docs/installation/helm/>
+```bash
+helm repo add jetstack https://charts.jetstack.io --force-update
+helm install \
+  cert-manager jetstack/cert-manager \
+  --namespace cert-manager \
+  --create-namespace \
+  --version v1.16.2 \
+  --set crds.enabled=true
+```
+
+
+<https://medium.com/@kevinlutzer9/managed-ssl-certs-for-a-private-kubernetes-cluster-with-cloudflare-cert-manager-and-lets-encrypt-7987ba19044f>
+
+```bash
+kubectl create secret generic cloudflare-api-key-secret --from-literal=api-key=<TOKEN>
+```
+
+
+then apply `issuer.yml`1
--- a/kubernetes/cloudflare-issuer/issuer.yml
+++ b/kubernetes/cloudflare-issuer/issuer.yml
@@ -0,0 +1,18 @@
+# issuer.yml
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: ca-issuer
+spec:
+  acme:
+    email: alexmickelson96@gmail.com
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: issuer-key
+    solvers:
+    - dns01:
+        cloudflare:
+          email: alexmickelson96@gmail.com
+          apiTokenSecretRef:
+            name: cloudflare-api-key-secret
+            key: api-key