diff --git a/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/ckuster-issuer-self-signed.yaml b/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/ckuster-issuer-self-signed.yaml new file mode 100644 index 000000000..78d2a157b --- /dev/null +++ b/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/ckuster-issuer-self-signed.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: self-signed +spec: + selfSigned: {} diff --git a/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/kustomization.yaml b/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/kustomization.yaml index be1c011b4..daca95aa1 100644 --- a/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/kustomization.yaml +++ b/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/kustomization.yaml @@ -4,6 +4,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: cert-manager resources: + - cluster-issuer-self-signed.yaml - secret.sops.yaml - cluster-issuer-staging.yaml - cluster-issuer-production.yaml diff --git a/kubernetes/kube-nas/apps/default/echo-server/app/helm-release.yaml b/kubernetes/kube-nas/apps/default/echo-server/app/helm-release.yaml index 269765af2..6d3138247 100644 --- a/kubernetes/kube-nas/apps/default/echo-server/app/helm-release.yaml +++ b/kubernetes/kube-nas/apps/default/echo-server/app/helm-release.yaml @@ -66,19 +66,12 @@ spec: ingress: main: enabled: true - className: traefik + className: nginx annotations: - cert-manager.io/cluster-issuer: letsencrypt-production + cert-manager.io/cluster-issuer: self-signed kubernetes.io/tls-acme: "true" - traefik.ingress.kubernetes.io/router.middlewares: traefik-ingress-sso@kubernetescrd - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/affinity: "true" - traefik.ingress.kubernetes.io/router.tls: "true" - external-dns.alpha.kubernetes.io/target: "${SECRET_CLOUDFLARE_TUNNEL_ID}.cfargotunnel.com" - hajimari.io/icon: video-input-antenna - hajimari.io/enable: "true" hosts: - - host: &host "{{ .Release.Name }}.${SECRET_DOMAIN}" + - host: &host "{{ .Release.Name }}.tyriis.dev" paths: - path: / pathType: Prefix