...
Here we are going to use an ACME issuer type that is configured to match the Kubernetes cluster that was set up previously in the Preparations - OCI chapter:
| Code Block | ||
|---|---|---|
| ||
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: example-issuer
spec:
acme:
# The ACME server URL
server: https://acme-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
email: <your email address of choice>
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: example-issuer-account-key
solvers:
- dns01:
webhook:
groupName: acme.d-n.be
solverName: oci
config:
ociProfileSecretName: oci-profile |
...
| Code Block | ||
|---|---|---|
| ||
oci:
certificates:
enabled: true
id: ocid1.certificate.oc1.eu-frankfurt-1.amaaaaaaqpnxi2aaftofigjmkytoomv2u2ycjenhvqsbarhfhpycfujihyyq
backendNSG: ocid1.networksecuritygroup.oc1.eu-frankfurt-1.aaaaaaaaephkmmm3hsyqw57wvkfssqlc56ddj7yknhgz7cgajxijvhqkzflq
healthcheck:
desktoponline:
port: 9001
ingressnginx:
port: 443
environment: oci
global:
domain: example-cluster.stratus.oci.digitalroute.net
ingressController:
serviceName: ingress-nginx-controller
imagePullSecrets:
- name: ecr-cred
licenseKey: VGhpcyBpcyBhIGZha2UgVXNhZ2UgRW5naW5lIFByaXZhdGUgRWRpdGlvbiBsaWNlbnNlIGtleSE=
log:
format: json
platform:
db:
type: postgresql
tls:
cert:
public: certManager
certManager:
public:
issuer:
kind: ClusterIssuer
name: example-issuer
enabled: true
postgres:
adminUsername: postgres
host: example-cluster-db-primary.postgresql.eu-frankfurt-1.oc1.oraclecloud.com
port: 5432
persistence:
enabled: true
existingClaim: fss-pvc |
...