67 lines
1.5 KiB
YAML
67 lines
1.5 KiB
YAML
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: bitwarden-bootstrap-issuer
|
|
spec:
|
|
selfSigned: {}
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: bitwarden-bootstrap-certificate
|
|
namespace: cert-manager
|
|
spec:
|
|
isCA: true
|
|
secretName: bitwarden-bootstrap-certs
|
|
subject:
|
|
organizations:
|
|
- external-secrets.io
|
|
dnsNames:
|
|
- external-secrets-bitwarden-sdk-server.external-secrets.svc.cluster.local
|
|
- bitwarden-sdk-server.external-secrets.svc.cluster.local
|
|
- localhost
|
|
ipAddresses:
|
|
- 127.0.0.1
|
|
- ::1
|
|
privateKey:
|
|
algorithm: RSA
|
|
encoding: PKCS8
|
|
size: 2048
|
|
rotationPolicy: Always
|
|
issuerRef:
|
|
name: bitwarden-bootstrap-issuer
|
|
kind: ClusterIssuer
|
|
group: cert-manager.io
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: bitwarden-certificate-issuer
|
|
spec:
|
|
ca:
|
|
secretName: bitwarden-bootstrap-certs
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: bitwarden-tls-certs
|
|
namespace: external-secrets
|
|
spec:
|
|
secretName: bitwarden-tls-certs
|
|
dnsNames:
|
|
- bitwarden-sdk-server.external-secrets.svc.cluster.local
|
|
- external-secrets-bitwarden-sdk-server.external-secrets.svc.cluster.local
|
|
- localhost
|
|
ipAddresses:
|
|
- 127.0.0.1
|
|
- ::1
|
|
privateKey:
|
|
algorithm: RSA
|
|
encoding: PKCS8
|
|
size: 2048
|
|
rotationPolicy: Always
|
|
issuerRef:
|
|
name: bitwarden-certificate-issuer
|
|
kind: ClusterIssuer
|
|
group: cert-manager.io
|