From 01742bc61b2575aa017b089557bcd92c26c13763 Mon Sep 17 00:00:00 2001
From: Saturn-V <alexaaronpena@gmail.com>
Date: Wed, 18 Oct 2023 22:18:12 -0700
Subject: [PATCH] attempt to add tls cert for ingress configured subdomain

---
 helm/service/templates/cert.yaml    | 11 +++++++++++
 helm/service/templates/ingress.yaml | 24 ++++++++++++++++++++++++
 helm/service/templates/issuer.yaml  | 14 ++++++++++++++
 3 files changed, 49 insertions(+)
 create mode 100644 helm/service/templates/cert.yaml
 create mode 100644 helm/service/templates/ingress.yaml
 create mode 100644 helm/service/templates/issuer.yaml

diff --git a/helm/service/templates/cert.yaml b/helm/service/templates/cert.yaml
new file mode 100644
index 0000000..f27bb6d
--- /dev/null
+++ b/helm/service/templates/cert.yaml
@@ -0,0 +1,11 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: sammwise-tls-prod
+spec:
+  secretName: sammwise-tls-prod
+  issuerRef:
+    name: sammwise-issuer
+  commonName: sammwise.vzxy.net
+  dnsNames:
+  - sammwise.vzxy.net
\ No newline at end of file
diff --git a/helm/service/templates/ingress.yaml b/helm/service/templates/ingress.yaml
new file mode 100644
index 0000000..8dbfa4a
--- /dev/null
+++ b/helm/service/templates/ingress.yaml
@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: sammwise-ingress
+  annotations:
+    kubernetes.io/ingress.class: "traefik"
+    cert-manager.io/issuer: "sammwise-issuer"
+    traefik.ingress.kubernetes.io/redirect-entry-point: "https"
+spec:
+  rules:
+    - host: sammwise.vzxy.net
+      http:
+        paths:
+          - backend:
+              service:
+                name: sammwise
+                port:
+                  number: 80
+            path: /
+            pathType: Prefix
+  tls:
+  - hosts:
+    - sammwise.vzxy.net
+    secretName: sammwise-tls-prod
\ No newline at end of file
diff --git a/helm/service/templates/issuer.yaml b/helm/service/templates/issuer.yaml
new file mode 100644
index 0000000..6e86015
--- /dev/null
+++ b/helm/service/templates/issuer.yaml
@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: sammwise-issuer
+spec:
+  acme:
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
+    email: ops@sjultra.com
+    privateKeySecretRef:
+      name: sammwise-issuer-private-key
+    solvers:
+    - http01:
+        ingress:
+          class: traefik
\ No newline at end of file