From 5da8acf0b58016b440c508c8fee6c7e2aed9b93c Mon Sep 17 00:00:00 2001
From: bom
Date: Fri, 24 Jun 2022 10:31:22 +0200
Subject: [PATCH] Add certificate
---
 src/main/cljc/dda/c4k_gitea/core.cljc | 3 ++-
 src/main/cljc/dda/c4k_gitea/gitea.cljc | 10 ++++++++++
 src/main/resources/gitea/certificate.yaml | 15 +++++++++++++++
 src/main/resources/gitea/ingress.yaml | 2 +-
 4 files changed, 28 insertions(+), 2 deletions(-)
 create mode 100644 src/main/resources/gitea/certificate.yaml
diff --git a/src/main/cljc/dda/c4k_gitea/core.cljc b/src/main/cljc/dda/c4k_gitea/core.cljc
index c2d125b..19e319a 100644
--- a/src/main/cljc/dda/c4k_gitea/core.cljc
+++ b/src/main/cljc/dda/c4k_gitea/core.cljc
@@ -24,4 +24,5 @@
 :postgres-size :2gb})
 (postgres/generate-service)
 (gitea/generate-appini-env config)
- (gitea/generate-ingress config)]))))
+ (gitea/generate-ingress config)
+ (gitea/generate-certificate config)]))))
diff --git a/src/main/cljc/dda/c4k_gitea/gitea.cljc b/src/main/cljc/dda/c4k_gitea/gitea.cljc
index 6cbaf70..eaee24c 100644
--- a/src/main/cljc/dda/c4k_gitea/gitea.cljc
+++ b/src/main/cljc/dda/c4k_gitea/gitea.cljc
@@ -28,6 +28,7 @@
 "gitea/ingress.yaml" (rc/inline "gitea/ingress.yaml")
 "gitea/services.yaml" (rc/inline "gitea/services.yaml")
 "gitea/volumes.yaml" (rc/inline "gitea/volumes.yaml")
+ "gitea/certificate.yaml" (rc/inline "gitea/certificate.yaml")
 (throw (js/Error. "Undefined Resource!")))))
 #?(:cljs
@@ -55,3 +56,12 @@
 (assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
 (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
+(defn-spec generate-certificate pred/map-or-seq?
+ [config config?]
+ (let [{:keys [fqdn issuer]
+ :or {issuer "staging"}} config
+ letsencrypt-issuer (name issuer)]
+ (->
+ (yaml/load-as-edn "gitea/certificate.yaml")
+ (assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
+ (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
\ No newline at end of file
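Review bot: The two context lines at the top of the last gitea.cljc hunk show the ingress generator still setting the `cert-manager.io/cluster-issuer` annotation, so after this change both that annotation and the new explicit Certificate request a certificate for the same host. If the Certificate resource is meant to be the single source, the `(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)` step should be removed from the ingress generator. That function starts outside the hunk, so this is inferred from its tail only. `generate-certificate` is also undocumented, and I would add a comment above it such as `;; Builds the cert-manager Certificate for :fqdn; a missing :issuer falls back to "staging".`. Assuming `staging` is the Let's Encrypt staging issuer, as the `letsencrypt-issuer` binding suggests, a deployment that omits `:issuer` gets a certificate clients will not trust, which is worth stating where the default is set.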
diff --git a/src/main/resources/gitea/certificate.yaml b/src/main/resources/gitea/certificate.yaml
new file mode 100644
index 0000000..5d31849
--- /dev/null
+++ b/src/main/resources/gitea/certificate.yaml
@@ -0,0 +1,15 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: gitea-cert
+ namespace: default
+spec:
+ secretName: gitea-secret
+ commonName: FQDN
+ duration: 2160h # 90d
+ renewBefore: 360h # 15d
+ dnsNames:
+ - FQDN
+ issuerRef:
+ name: staging
+ kind: ClusterIssuer
\ No newline at end of file
diff --git a/src/main/resources/gitea/ingress.yaml b/src/main/resources/gitea/ingress.yaml
index 3053976..6560fce 100644
--- a/src/main/resources/gitea/ingress.yaml
+++ b/src/main/resources/gitea/ingress.yaml
@@ -10,7 +10,7 @@ spec:
 tls:
 - hosts:
 - FQDN
- secretName: gitea-ingress-cert
+ secretName: gitea-cert
 rules:
 - host: FQDN
 http:
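Review bot: The new Certificate stores its key pair in `secretName: gitea-secret`, but the ingress.yaml hunk in this same patch points the ingress TLS block at `secretName: gitea-cert`, which is the Certificate's `metadata.name` rather than its secret. As written the ingress does not reference the secret this Certificate produces, so it would likely serve the ingress controller's fallback certificate instead. The two values should agree, for example `secretName: gitea-cert` in the Certificate spec, or `secretName: gitea-secret` in the ingress. `namespace: default` is also hard-coded in certificate.yaml, and the secret is only usable by the ingress if that is deployed to the same namespace, which the visible lines do not show.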