Add certificate

src/main/cljc/dda/c4k_gitea/core.cljc

@@ -24,4 +24,5 @@
                                           :postgres-size :2gb})
            (postgres/generate-service)
            (gitea/generate-appini-env config)
-           (gitea/generate-ingress config)]))))
+           (gitea/generate-ingress config)
+           (gitea/generate-certificate config)]))))

src/main/cljc/dda/c4k_gitea/gitea.cljc

@@ -28,6 +28,7 @@
        "gitea/ingress.yaml" (rc/inline "gitea/ingress.yaml")  
        "gitea/services.yaml" (rc/inline "gitea/services.yaml")
        "gitea/volumes.yaml" (rc/inline "gitea/volumes.yaml")
+       "gitea/certificate.yaml" (rc/inline "gitea/certificate.yaml")
        (throw (js/Error. "Undefined Resource!")))))
 
 #?(:cljs
@@ -55,3 +56,12 @@
      (assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
      (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
   
+(defn-spec generate-certificate pred/map-or-seq?
+  [config config?]
+  (let [{:keys [fqdn issuer]
+         :or {issuer "staging"}} config
+        letsencrypt-issuer (name issuer)]
+    (->
+     (yaml/load-as-edn "gitea/certificate.yaml")
+     (assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
+     (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))

src/main/resources/gitea/certificate.yaml

@@ -0,0 +1,15 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: gitea-cert
+  namespace: default
+spec:
+  secretName: gitea-secret
+  commonName: FQDN
+  duration: 2160h # 90d
+  renewBefore: 360h # 15d
+  dnsNames:
+  - FQDN
+  issuerRef:
+    name: staging
+    kind: ClusterIssuer

src/main/resources/gitea/ingress.yaml

@@ -10,7 +10,7 @@ spec:
   tls:
     - hosts:
         - FQDN
-      secretName: gitea-ingress-cert
+      secretName: gitea-cert
   rules:
     - host: FQDN
       http: