From a88ff50fc28c64328a4e1fd25fa85c831593170c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A1rcio=20Fernandes?= Date: Fri, 29 May 2026 13:30:08 +0000 Subject: [PATCH] add replicator: automatic sync tls wildcard --- casa-limbosolutions-com/README.md | 5 +++++ casa-limbosolutions-com/certificate.yaml | 3 --- services/replicator/README.md | 13 +++++++++++++ 3 files changed, 18 insertions(+), 3 deletions(-) create mode 100644 casa-limbosolutions-com/README.md create mode 100644 services/replicator/README.md diff --git a/casa-limbosolutions-com/README.md b/casa-limbosolutions-com/README.md new file mode 100644 index 0000000..3f39ce0 --- /dev/null +++ b/casa-limbosolutions-com/README.md @@ -0,0 +1,5 @@ +``` bash +kubectl annotate secret casa-limbosolutions-com-tls \ + -n casa-limbosolutions-com \ + replicator.v1.mittwald.de/replicate-to="home-assistant,node-red,lyrionmusicserver" +``` diff --git a/casa-limbosolutions-com/certificate.yaml b/casa-limbosolutions-com/certificate.yaml index ff764a2..6f10cce 100644 --- a/casa-limbosolutions-com/certificate.yaml +++ b/casa-limbosolutions-com/certificate.yaml @@ -1,6 +1,3 @@ -# Proxima iteração arranjar uma maneira de copiar os certificados entre namespaces, ainda foi a mão -# ter em atenção que ao copiar é melhor apagar anotations do cert manager para o mesmo nao ser gerido por mais do que um namespcace - apiVersion: cert-manager.io/v1 kind: Certificate diff --git a/services/replicator/README.md b/services/replicator/README.md new file mode 100644 index 0000000..6b36f82 --- /dev/null +++ b/services/replicator/README.md @@ -0,0 +1,13 @@ +# replicator + +Kubernetes Replicator (mittwald/kubernetes‑replicator) is a lightweight controller that automatically copies Secrets and ConfigMaps between namespaces. It is ideal for sharing resources like wildcard TLS certificates generated by cert‑manager across multiple namespaces without manual copying. + +Replicator watches for annotations on a source Secret and keeps synchronized copies updated in the target namespaces. It preserves custom metadata and removes cert‑manager‑specific annotations from the replicated secrets to avoid conflicts. When cert‑manager renews a certificate, Replicator automatically updates all replicated copies. + +``` bash +helm repo add mittwald https://helm.mittwald.de +kubectl create namespace replicator +helm repo update +helm upgrade --install replicator mittwald/kubernetes-replicator \ + --namespace replicator +```