refactor certificates to be per namespace/app
This commit is contained in:
parent
d21e4411e6
commit
6128223fcf
13
apps/arr/certificate.yaml
Normal file
13
apps/arr/certificate.yaml
Normal file
|
|
@ -0,0 +1,13 @@
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: Certificate
|
||||||
|
metadata:
|
||||||
|
name: wildcard-jpcit-coza
|
||||||
|
namespace: media
|
||||||
|
spec:
|
||||||
|
secretName: wildcard-jpcit-coza-tls
|
||||||
|
issuerRef:
|
||||||
|
name: letsencrypt-dns
|
||||||
|
kind: ClusterIssuer
|
||||||
|
commonName: "*.jpcit.co.za"
|
||||||
|
dnsNames:
|
||||||
|
- "*.jpcit.co.za"
|
||||||
|
|
@ -18,8 +18,8 @@ spec:
|
||||||
number: 80
|
number: 80
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- radarr.jpcit.co.za
|
- jellyfin.jethrocotton.com
|
||||||
secretName: widlcard-jethrocotton-com-tls
|
secretName: wildcard-jethrocotton-com-tls
|
||||||
|
|
||||||
# - match: Host(`movies.merox.cloud`) # change to your domain
|
# - match: Host(`movies.merox.cloud`) # change to your domain
|
||||||
# kind: Rule
|
# kind: Rule
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@ kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- media-namespace.yaml
|
- media-namespace.yaml
|
||||||
- arr-configmap.yaml
|
- arr-configmap.yaml
|
||||||
|
- certificate.yaml
|
||||||
#- homarr
|
#- homarr
|
||||||
- jellyfin
|
- jellyfin
|
||||||
- mediapvs
|
- mediapvs
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,6 @@ spec:
|
||||||
number: 80
|
number: 80
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- radarr.jpcit.co.za
|
- prowlarr.jpcit.co.za
|
||||||
secretName: widlcard-jethrocotton-com-tls
|
secretName: wildcard-jpcit-coza-tls
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,6 @@ spec:
|
||||||
number: 80
|
number: 80
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- radarr.jpcit.co.za
|
- qbittorrent.jpcit.co.za
|
||||||
secretName: widlcard-jpcit-coza-tls
|
secretName: wildcard-jpcit-coza-tls
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -19,4 +19,4 @@ spec:
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- radarr.jpcit.co.za
|
- radarr.jpcit.co.za
|
||||||
secretName: widlcard-jpcit-coza-tls
|
secretName: wildcard-jpcit-coza-tls
|
||||||
|
|
|
||||||
|
|
@ -18,5 +18,5 @@ spec:
|
||||||
number: 80
|
number: 80
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- radarr.jpcit.co.za
|
- sonarr.jpcit.co.za
|
||||||
secretName: widlcard-jpcit-coza-tls
|
secretName: wildcard-jpcit-coza-tls
|
||||||
|
|
|
||||||
13
apps/forgejo/certificate.yaml
Normal file
13
apps/forgejo/certificate.yaml
Normal file
|
|
@ -0,0 +1,13 @@
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: Certificate
|
||||||
|
metadata:
|
||||||
|
name: wildcard-jethrocotton-com
|
||||||
|
namespace: forgejo
|
||||||
|
spec:
|
||||||
|
secretName: wildcard-jethrocotton-com-tls
|
||||||
|
issuerRef:
|
||||||
|
name: letsencrypt-dns
|
||||||
|
kind: ClusterIssuer
|
||||||
|
commonName: "*.jethrocotton.com"
|
||||||
|
dnsNames:
|
||||||
|
- "*.jethrocotton.com"
|
||||||
|
|
@ -7,3 +7,4 @@ resources:
|
||||||
- ingress.yaml
|
- ingress.yaml
|
||||||
- pvc.yaml
|
- pvc.yaml
|
||||||
- sshingress.yaml
|
- sshingress.yaml
|
||||||
|
- certificate.yaml
|
||||||
|
|
|
||||||
13
apps/kimai/certificate.yaml
Normal file
13
apps/kimai/certificate.yaml
Normal file
|
|
@ -0,0 +1,13 @@
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: Certificate
|
||||||
|
metadata:
|
||||||
|
name: wildcard-numbergoup-coza
|
||||||
|
namespace: kimai
|
||||||
|
spec:
|
||||||
|
secretName: wildcard-numbergoup-coza-tls
|
||||||
|
issuerRef:
|
||||||
|
name: letsencrypt-dns
|
||||||
|
kind: ClusterIssuer
|
||||||
|
commonName: "*.numbergoup.co.za"
|
||||||
|
dnsNames:
|
||||||
|
- "*.numbergoup.co.za"
|
||||||
|
|
@ -4,6 +4,7 @@ resources:
|
||||||
- helmrelease.yaml
|
- helmrelease.yaml
|
||||||
- db
|
- db
|
||||||
- kimaisecrets.yaml
|
- kimaisecrets.yaml
|
||||||
|
- certificate.yaml
|
||||||
|
|
||||||
namespace: kimai
|
namespace: kimai
|
||||||
|
|
||||||
|
|
|
||||||
17
infrastructure/pgadmin/helmrelease.yaml
Normal file
17
infrastructure/pgadmin/helmrelease.yaml
Normal file
|
|
@ -0,0 +1,17 @@
|
||||||
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
|
kind: HelmRelease
|
||||||
|
metadata:
|
||||||
|
name: pgadmin4
|
||||||
|
namespace: pgadmin
|
||||||
|
spec:
|
||||||
|
interval: 5m
|
||||||
|
chart:
|
||||||
|
spec:
|
||||||
|
chart: pgadmin4
|
||||||
|
version: "*"
|
||||||
|
sourceRef:
|
||||||
|
kind: HelmRepository
|
||||||
|
name: external-secrets
|
||||||
|
namespace: flux-system
|
||||||
|
install:
|
||||||
|
createNamespace: true
|
||||||
4
infrastructure/pgadmin/kustomization.yaml
Normal file
4
infrastructure/pgadmin/kustomization.yaml
Normal file
|
|
@ -0,0 +1,4 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
resources:
|
||||||
|
- helmrelease.yaml
|
||||||
|
|
@ -10,3 +10,4 @@ resources:
|
||||||
- cloudnative-pg.yaml
|
- cloudnative-pg.yaml
|
||||||
- mariadb-operator.yaml
|
- mariadb-operator.yaml
|
||||||
- smb-driver.yaml
|
- smb-driver.yaml
|
||||||
|
- runix.yaml
|
||||||
|
|
|
||||||
8
infrastructure/sources/runix.yaml
Normal file
8
infrastructure/sources/runix.yaml
Normal file
|
|
@ -0,0 +1,8 @@
|
||||||
|
apiVersion: source.toolkit.fluxcd.io/v1
|
||||||
|
kind: HelmRepository
|
||||||
|
metadata:
|
||||||
|
name: pgadmin4
|
||||||
|
namespace: flux-system
|
||||||
|
spec:
|
||||||
|
interval: 12h
|
||||||
|
url: https://helm.runix.net
|
||||||
Loading…
Reference in a new issue