mirror of
https://github.com/kittywitch/nixfiles.git
synced 2026-02-09 12:29:19 -08:00
51 lines
No EOL
1.4 KiB
HCL
51 lines
No EOL
1.4 KiB
HCL
variable "cloudflare_api_token" {
|
|
type = string
|
|
}
|
|
|
|
resource "kubernetes_secret" "cloudflare_api_token" {
|
|
metadata {
|
|
name = "cloudflare-api-token"
|
|
namespace = "traefik"
|
|
}
|
|
data = {
|
|
api-token = var.cloudflare_api_token
|
|
}
|
|
type = "Opaque"
|
|
}
|
|
|
|
resource "kubernetes_manifest" "cert_manager_cloudflare_issuer" {
|
|
depends_on = [
|
|
helm_release.traefik
|
|
]
|
|
|
|
manifest = {
|
|
"apiVersion" = "cert-manager.io/v1"
|
|
"kind" = "Issuer"
|
|
"metadata" = {
|
|
"name" = "cloudflare"
|
|
"namespace" = "traefik"
|
|
}
|
|
"spec" = {
|
|
"acme" = {
|
|
"email" = "acme@inskip.me"
|
|
"privateKeySecretRef" = {
|
|
"name" = "cloudflare-key"
|
|
}
|
|
"server" = "https://acme-v02.api.letsencrypt.org/directory"
|
|
"solvers" = [
|
|
{
|
|
"dns01" = {
|
|
"cloudflare" = {
|
|
"apiTokenSecretRef" = {
|
|
"key" = "api-token"
|
|
"name" = "cloudflare-api-token"
|
|
}
|
|
"email" = "kat@inskip.me"
|
|
}
|
|
}
|
|
},
|
|
]
|
|
}
|
|
}
|
|
}
|
|
} |