kosmos/gitea.kosmos.org
kosmos/gitea.kosmos.org
Archived
8
1
Fork 0
Code Issues Pull Requests Releases Activity
This repository has been archived on 2023-03-30. You can view files and clone it, but cannot push or open issues or pull requests.
gitea.kosmos.org/kubernetes/letsencrypt-production.yaml
Greg Karékinian ae8d6a6cf3 WIP: Set up ingress with Let's Encrypt certificates using cert-manager 
This is using haproxy-ingress to support forwarding SSH on port 22

Since we're using cert-manager with ingress to get Let's Encrypt certs,
we're not using the Let's Encrypt functionality that's part of Gitea. To
run this we need to change the config file, have Gitea run on port 3000
as HTTP and disable all the Let's Encrypt config keys. Currently the
gitea-ingress.yaml uses the letsencrypt-staging ClusterIssuer

This has been tested on a local Kubernetes cluster using Docker for Mac
2019-06-05 17:57:16 +02:00

20 lines
637 B
YAML
Raw Blame History

apiVersion: certmanager.k8s.io/v1alpha1
kind: ClusterIssuer
metadata:
name: letsencrypt-production
spec:
acme:
# You must replace this email address with your own.
# Let's Encrypt will use this to contact you about expiring
# certificates, and issues related to your account.
email: ops@kosmos.org
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
# Secret resource used to store the account's private key.
name: letsencrypt-production-account-key
# Add a single challenge solver, HTTP01 using nginx
solvers:
- http01:
ingress:
class: nginx
Reference in New Issue View Git Blame Copy Permalink