Add certificate
This commit is contained in:
parent
f03ed9e7a1
commit
5da8acf0b5
4 changed files with 28 additions and 2 deletions
|
@ -24,4 +24,5 @@
|
|||
:postgres-size :2gb})
|
||||
(postgres/generate-service)
|
||||
(gitea/generate-appini-env config)
|
||||
(gitea/generate-ingress config)]))))
|
||||
(gitea/generate-ingress config)
|
||||
(gitea/generate-certificate config)]))))
|
||||
|
|
|
@ -28,6 +28,7 @@
|
|||
"gitea/ingress.yaml" (rc/inline "gitea/ingress.yaml")
|
||||
"gitea/services.yaml" (rc/inline "gitea/services.yaml")
|
||||
"gitea/volumes.yaml" (rc/inline "gitea/volumes.yaml")
|
||||
"gitea/certificate.yaml" (rc/inline "gitea/certificate.yaml")
|
||||
(throw (js/Error. "Undefined Resource!")))))
|
||||
|
||||
#?(:cljs
|
||||
|
@ -55,3 +56,12 @@
|
|||
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
|
||||
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
|
||||
|
||||
(defn-spec generate-certificate pred/map-or-seq?
|
||||
[config config?]
|
||||
(let [{:keys [fqdn issuer]
|
||||
:or {issuer "staging"}} config
|
||||
letsencrypt-issuer (name issuer)]
|
||||
(->
|
||||
(yaml/load-as-edn "gitea/certificate.yaml")
|
||||
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
|
||||
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
|
15
src/main/resources/gitea/certificate.yaml
Normal file
15
src/main/resources/gitea/certificate.yaml
Normal file
|
@ -0,0 +1,15 @@
|
|||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: gitea-cert
|
||||
namespace: default
|
||||
spec:
|
||||
secretName: gitea-secret
|
||||
commonName: FQDN
|
||||
duration: 2160h # 90d
|
||||
renewBefore: 360h # 15d
|
||||
dnsNames:
|
||||
- FQDN
|
||||
issuerRef:
|
||||
name: staging
|
||||
kind: ClusterIssuer
|
|
@ -10,7 +10,7 @@ spec:
|
|||
tls:
|
||||
- hosts:
|
||||
- FQDN
|
||||
secretName: gitea-ingress-cert
|
||||
secretName: gitea-cert
|
||||
rules:
|
||||
- host: FQDN
|
||||
http:
|
||||
|
|
Loading…
Reference in a new issue