add environment

2025-11-25 20:29:51 +01:00
parent 316a2db1d9
commit bf41a067a8
12 changed files with 246 additions and 6 deletions
--- a/environment/cloudflare-issuer/certificate.yaml
+++ b/environment/cloudflare-issuer/certificate.yaml
@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: wildcard-certificate
+  namespace: cert-manager
+spec:
+  secretName: wildcard-tls
+  issuerRef:
+    name: cloudflare-dns
+    kind: ClusterIssuer
+  dnsNames:
+    - "*.PLACEHOLDER_DOMAIN"
+    - PLACEHOLDER_DOMAIN
+
--- a/environment/cloudflare-issuer/cluster-issuer.yaml
+++ b/environment/cloudflare-issuer/cluster-issuer.yaml
@@ -0,0 +1,20 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: cloudflare-dns
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: PLACEHOLDER_EMAIL
+    privateKeySecretRef:
+      name: cloudflare-dns-issuer-key
+    solvers:
+      - dns01:
+          cloudflare:
+            apiTokenSecretRef:
+              name: cloudflare-api-token
+              key: api-token
+        selector:
+          dnsZones:
+            - PLACEHOLDER_DOMAIN
+
--- a/environment/cloudflare-issuer/kustomization.yaml
+++ b/environment/cloudflare-issuer/kustomization.yaml
@@ -0,0 +1,52 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - cluster-issuer.yaml
+  - certificate.yaml
+
+# Configuration: Edit the domain and email values below
+replacements:
+  - source:
+      kind: ConfigMap
+      name: cloudflare-config
+      fieldPath: data.domain
+    targets:
+      - select:
+          kind: ClusterIssuer
+          name: cloudflare-dns
+        fieldPaths:
+          - spec.acme.solvers[0].selector.dnsZones[0]
+      - select:
+          kind: Certificate
+          name: wildcard-certificate
+        fieldPaths:
+          - spec.dnsNames[1]
+  - source:
+      kind: ConfigMap
+      name: cloudflare-config
+      fieldPath: data.wildcard-domain
+    targets:
+      - select:
+          kind: Certificate
+          name: wildcard-certificate
+        fieldPaths:
+          - spec.dnsNames[0]
+  - source:
+      kind: ConfigMap
+      name: cloudflare-config
+      fieldPath: data.email
+    targets:
+      - select:
+          kind: ClusterIssuer
+          name: cloudflare-dns
+        fieldPaths:
+          - spec.acme.email
+
+configMapGenerator:
+  - name: cloudflare-config
+    literals:
+      # Change these values to match your domain and email
+      - domain=demo.olsen.cloud
+      - wildcard-domain=*.demo.olsen.cloud
+      - email=admin@demo.olsen.cloud
+