myLimbo/casa
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add cert manager
Deploy Casa services CI/CD Pipeline / deploy (push) Successful in 18s

Browse Source
This commit is contained in:
Márcio Fernandes
2026-05-29 12:24:30 +00:00
parent e51105ef54
commit 101593512f
6 changed files with 171 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
services/cert-manager/README.md
+94
View File
@@ -0,0 +1,94 @@
# cert-manager
- [cloudflare](#cloudflare)
- [api secrets](#api-secrets)
- [Cluster Issuer](#cluster-issuer)
- [Staging](#staging)
- [Deploy](#deploy)
- [Describe](#describe)
- [Production](#production)
- [Deploy (Production)](#deploy-production)
- [Describe (Production)](#describe-production)
- [helm chart](#helm-chart)
## cloudflare
## api secrets
[cloudflare-api-token.yaml](./cloudflare-api-token.yaml).
```bash
set -a
source ./.env
set +a
envsubst < ./cloudflare-api-token.yaml \
| kubectl apply -n kube-system -f -
```
## Cluster Issuer
### Staging
#### Deploy
[letsencrypt-clusterissuer-staging.yaml](./letsencrypt-clusterissuer-staging.yaml).
```bash
set -a
source ./.env
set +a
envsubst < ./letsencrypt-clusterissuer-staging.yaml \
| kubectl apply -n kube-system -f -
```
#### Describe
```bash
kubectl describe clusterissuer letsencrypt-staging
```
### Production
#### Deploy (Production)
[letsencrypt-clusterissuer-prod.yaml](./letsencrypt-clusterissuer-prod.yaml).
```bash
set -a
source ./.env
set +a
envsubst < ./letsencrypt-clusterissuer-prod.yaml \
| kubectl apply -n kube-system -f -
```
```bash
set -a
source ./.env
set +a
envsubst < ./letsencrypt-clusterissuer-staging.yaml \
| kubectl apply -n kube-system -f -
```
#### Describe (Production)
```bash
kubectl describe clusterissuer letsencrypt-prod
```
**Force cert refresh:**
``` bash
kubectl delete certificaterequest -l cert-manager.io/certificate-name=monitoring-limbosolutions-com-tls
kubectl delete order -l cert-manager.io/certificate-name=monitoring-limbosolutions-com-tls
```
## helm chart
``` bash
helm repo add jetstack https://charts.jetstack.io --force-update
helm upgrade --install cert-manager jetstack/cert-manager \
--namespace kube-system \
--version=v1.20.2 \
--create-namespace \
--set crds.enabled=true
```