Remove letsencrypt support in cert-manager namespace.
Showing
4 changed files
with
0 additions
and
108 deletions
| 1 | apiVersion: v1 | ||
| 2 | data: | ||
| 3 | tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBK2RKRFBBYUpXZjNNbUprZVhialB0RlBxOGxVTlBBTStuZGdYYzlqTzRtVmlDeWhBCnFLb3g1UVF2WXR4RFdsc3VHVjRGb1BsUHlHR0Rqc2VEU0ZRbS8zWTFreC9sZUhtd3BZOUtndDBVTm9yc2RDNGEKOXpWSDYwTi9veW9obzV6RlZQdi9leUtKWFJkc3dkRFNSbXZpMUFWYi93aVpiV2o5ckZZSThtUjdlcHdyN0RWQQppK1JMSnlqZ2FFa3plTk14QlZEeStyb1QyREJJZFF3em96eU5YaXN6SkhZTWUyU0F6OVUvTThoakZlazBZcjNJCk5LeithRUtXTTdFS1NOYm9kc0RPbFBKWURYWHVOQ1VkY04xNzdTaTBnVDgzaGVidHNLQ3Q3ZmtYbHcrd3ZUbzAKS3FudUh4Y2hlTzRFVHplL1doaDV3TWVLVTlnaFJHVUFhSHZiRXdJREFRQUJBb0lCQVFEMnZzQjlsdzh1ZlVrSgpKNk1nZXB0YnhzNzF6eCtsT0tjdUMvTU9Ed1E0QkY3VUdrdlN5MWRBbGVPZngySVc2cHdibmd2OU5JR2lydjNiCmxoK0szdU10eXJtYnVSTlM3UTZXVjNNRzBnbFczZHd4M0IveUx3UDcwTTFPZ1J4OGx5a29pVVdMZjA4aFRUTzAKTXVhZGU0MnNVQ2JQUE5VZGhXZVlRZG5RWDRLK1UzSlVCYTh6Q2JZRDZvelFFaG5qQVhGUU9DUHlZWm1TQVhWVQp5dEVjRzdadEVJZmpFQTZPejlGeS9GTW15NkQ0WkhNR0JPSDY0SE54eDFBd09JSjJGNXdqRFdLMU5qeGJMV1pYCjR3WlBSeng5dlhRY2xxTlVhNGhOOWpiR3dYQ1BOSWtHUldJR1dEdnFXTFBpQWVmNkE5UDNiT1B0c1g0MjhGWUEKbGxGczhiQWhBb0dCQVA1bjErZWZqNmVIT052REhPL1NlTjhCRDhIOTgvOTZCL2psUWdFNll6elhNVUVIbDRYcApBQmRIaTN0czIyekgxZnlTWExlckEzRVJOdHZTRjhGb0Fuc2lOQm9hL2d0QzYzMmFPbHp3Vld3L2ZLbnVYanhpCkNydUUrdXYybWZKMmlEdkl1bGZaYzduY2tNV0lpdk5qY01kdW5TQUFUMjY5dERxUU1rNzdBWVo3QW9HQkFQdGoKRUgyNWVaejdaV2QveWFVeVhkQ3pjMVN1b29SemNFalVWK0thcVZMbHFSaWNmRi90M0FQVlNtMjY1RXMvZmVJNgpjeDFlVEpoWmVxR1YvNUEyMHhyd2ZDS0w1K0FhNzg0NVpYN0JPalRKaDg2a0pKWVNtUHZWRXFvZFRsejV1Q3dhClVvbFNMUHIxaVZrZXpXbkRrcFVBeTVrTkxqVUJ2aUZYNWNVNmp1WkpBb0dBT0R5T1BuWklGQmxSR1VzMUgxSmcKUTdPQlh6bWE4VE54aGJSdjljT0pZazZUWmJPZTdBd0lhQno1bVV3RDZUVDNlWUNGSEZpaVJ5RXVCa09YMnJuNgpLbXZ5Sm44bS95aEkxQmYrcE1LL3IxRU5acWI1ajlHQVc5bFdla2lsMlRJWWhWYW0wbnFRR1ZySGFkTDRIRHMwCkYvRzhxL0ZGbmM0emcrcVNKR0ZhQWZjQ2dZRUFwQWpFWGdXRkFaWlpXT3ZkbkZuOU5ZMmpHQUxNTVRsU2IzTi8KMVhHdVExVnd2WXArN2VtN3d4U09lSU9YTERMRjViVFdJTGZEcXpYWCsxQnhicDBYcTJCNDMrSUM4QTBqcGFGMgpSUHU1QzNEbG1VVXFTbkxnT0pPVWxrU0JPZElKQjE0MXRUMVY5SHY3bjVlbDJmbXYwR0t3ZDdKT0VIQ09yQnM2CjV6T0t3MkVDZ1lCMEdRbUkzYWw3UEtOd1NPVzc5eC8xem5pN1l1SWlqV05heEdrTkcxaU5wQ1dVRVlSa2ltUVcKdEVQWEFGM21xbkdUZGlmcVlyR3g4M01lRUdOTkdQK2phNkdzaTdXQ3hWQU9JRUFZdDZJUkJtUURKVE9OaDl4ZgpIb2hmcFhvcGo5MFlBQkNBd3FIUzdYbTdPZjEwZE12dlJLajU2dDdWQWc3NjE0V29ZZUlxM0E9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo= | ||
| 4 | kind: Secret | ||
| 5 | metadata: | ||
| 6 | name: acme-account-key | ||
| 7 | namespace: cert-manager | ||
| 8 | --- | ||
| 9 | apiVersion: cert-manager.io/v1 | ||
| 10 | kind: ClusterIssuer | ||
| 11 | metadata: | ||
| 12 | namespace: cert-manager | ||
| 13 | name: letsencrypt-staging | ||
| 14 | spec: | ||
| 15 | acme: | ||
| 16 | # You must replace this email address with your own. | ||
| 17 | # Let's Encrypt will use this to contact you about expiring | ||
| 18 | # certificates, and issues related to your account. | ||
| 19 | #email: user@example.com | ||
| 20 | email: name@example.com | ||
| 21 | server: https://acme-staging-v02.api.letsencrypt.org/directory | ||
| 22 | preferredChain: 'ISRG Root X1' | ||
| 23 | disableAccountKeyGeneration: true | ||
| 24 | privateKeySecretRef: | ||
| 25 | # Secret resource that will be used to store the account's private key. | ||
| 26 | name: acme-account-key | ||
| 27 | # Add a single challenge solver, HTTP01 using istio | ||
| 28 | solvers: | ||
| 29 | - http01: | ||
| 30 | ingress: | ||
| 31 | class: istio | ||
| 32 | --- | ||
| 33 | apiVersion: cert-manager.io/v1 | ||
| 34 | kind: ClusterIssuer | ||
| 35 | metadata: | ||
| 36 | name: letsencrypt-production | ||
| 37 | namespace: cert-manager | ||
| 38 | spec: | ||
| 39 | acme: | ||
| 40 | # You must replace this email address with your own. | ||
| 41 | # Let's Encrypt will use this to contact you about expiring | ||
| 42 | # certificates, and issues related to your account. | ||
| 43 | #email: user@example.com | ||
| 44 | email: name@example.com | ||
| 45 | server: https://acme-v02.api.letsencrypt.org/directory | ||
| 46 | preferredChain: 'ISRG Root X1' | ||
| 47 | disableAccountKeyGeneration: true | ||
| 48 | privateKeySecretRef: | ||
| 49 | # Secret resource that will be used to store the account's private key. | ||
| 50 | name: acme-account-key | ||
| 51 | # Add a single challenge solver, HTTP01 using istio | ||
| 52 | solvers: | ||
| 53 | - http01: | ||
| 54 | ingress: | ||
| 55 | class: istio |
| ... | @@ -3,14 +3,6 @@ clusterIssuer: | ... | @@ -3,14 +3,6 @@ clusterIssuer: |
| 3 | strategicMergePatches: [] | 3 | strategicMergePatches: [] |
| 4 | caIssuer: | 4 | caIssuer: |
| 5 | secretName: root-ca | 5 | secretName: root-ca |
| 6 | letsencrypt: | ||
| 7 | enabled: true | ||
| 8 | email: name@example.com | ||
| 9 | tls_key: replace-me | ||
| 10 | solvers: | ||
| 11 | - http01: | ||
| 12 | ingress: | ||
| 13 | class: istio | ||
| 14 | root-ca: | 6 | root-ca: |
| 15 | crt: null | 7 | crt: null |
| 16 | key: null | 8 | key: null | ... | ... |
| ... | @@ -48,47 +48,3 @@ releases: | ... | @@ -48,47 +48,3 @@ releases: |
| 48 | spec: | 48 | spec: |
| 49 | ca: | 49 | ca: |
| 50 | secretName: {{ .Values.clusterIssuer.caIssuer.secretName }} | 50 | secretName: {{ .Values.clusterIssuer.caIssuer.secretName }} |
| 51 | - apiVersion: v1 | ||
| 52 | kind: Secret | ||
| 53 | metadata: | ||
| 54 | namespace: cert-manager | ||
| 55 | name: acme-account-key | ||
| 56 | {{- if .Values.clusterIssuer.letsencrypt.enabled }} | ||
| 57 | data: | ||
| 58 | tls.key: {{ .Values.clusterIssuer.letsencrypt.tls_key }} | ||
| 59 | {{- else }} | ||
| 60 | $patch: delete | ||
| 61 | {{- end }} | ||
| 62 | - apiVersion: cert-manager.io/v1 | ||
| 63 | kind: ClusterIssuer | ||
| 64 | metadata: | ||
| 65 | namespace: cert-manager | ||
| 66 | name: letsencrypt-staging | ||
| 67 | {{- if .Values.clusterIssuer.letsencrypt.enabled }} | ||
| 68 | spec: | ||
| 69 | acme: | ||
| 70 | email: {{ .Values.clusterIssuer.letsencrypt.email }} | ||
| 71 | {{- if .Values.clusterIssuer.letsencrypt.solvers }} | ||
| 72 | solvers: {{ .Values.clusterIssuer.letsencrypt.solvers | toYaml | nindent 14 }} | ||
| 73 | {{- end }} | ||
| 74 | {{- else }} | ||
| 75 | $patch: delete | ||
| 76 | {{- end }} | ||
| 77 | - apiVersion: cert-manager.io/v1 | ||
| 78 | kind: ClusterIssuer | ||
| 79 | metadata: | ||
| 80 | namespace: cert-manager | ||
| 81 | name: letsencrypt-production | ||
| 82 | {{- if .Values.clusterIssuer.letsencrypt.enabled }} | ||
| 83 | spec: | ||
| 84 | acme: | ||
| 85 | email: {{ .Values.clusterIssuer.letsencrypt.email }} | ||
| 86 | {{- if .Values.clusterIssuer.letsencrypt.solvers }} | ||
| 87 | solvers: {{ .Values.clusterIssuer.letsencrypt.solvers | toYaml | nindent 14 }} | ||
| 88 | {{- end }} | ||
| 89 | {{- else }} | ||
| 90 | $patch: delete | ||
| 91 | {{- end }} | ||
| 92 | {{- if not (empty (.Values.clusterIssuer.strategicMergePatches)) }} | ||
| 93 | {{- .Values.clusterIssuer.strategicMergePatches | toYaml | indent 6 }} | ||
| 94 | {{- end }} | ... | ... |
-
Please register or sign in to post a comment