kube: add ellenjoe config

Signed-off-by: Xe Iaso <[email protected]>
Xe · Jan 24, 2025 · 1cab723 · 1cab723
1 parent 501a395
commit 1cab723
Show file tree

Hide file tree

Showing 4 changed files with 85 additions and 0 deletions.
diff --git a/kube/ellenjoe/core/ca.yaml b/kube/ellenjoe/core/ca.yaml
@@ -0,0 +1,58 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: selfsigned-issuer
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-prod
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: my-selfsigned-ca
+  namespace: default
+spec:
+  isCA: true
+  commonName: my-selfsigned-ca
+  secretName: root-secret
+  privateKey:
+    algorithm: ECDSA
+    size: 256
+  issuerRef:
+    name: selfsigned-issuer
+    kind: ClusterIssuer
+    group: cert-manager.io
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: selfsigned-ca
+  namespace: default
+spec:
+  ca:
+    secretName: root-secret
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: test-ellenjoe-within-lgbt
+  namespace: default
+spec:
+  secretName: test-ellenjoe-within-lgbt-tls
+  duration: 2160h # 90d
+  renewBefore: 360h # 15d
+  usages:
+    - digital signature
+    - key encipherment
+  dnsNames:
+    - test.ellenjoe.within.lgbt
+  issuerRef:
+    name: "selfsigned-issuer"
+    kind: ClusterIssuer
+    group: cert-manager.io
diff --git a/kube/ellenjoe/core/cert-manager.yaml b/kube/ellenjoe/core/cert-manager.yaml
@@ -0,0 +1,13 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+  name: cert-manager
+  namespace: kube-system
+spec:
+  repo: https://charts.jetstack.io
+  chart: cert-manager
+  targetNamespace: cert-manager
+  createNamespace: true
+  set:
+    installCRDs: "true"
+    "prometheus.enabled": "false"
diff --git a/kube/ellenjoe/core/kustomization.yaml b/kube/ellenjoe/core/kustomization.yaml
@@ -0,0 +1,4 @@
+resources:
+  - ca.yaml
+  - cert-manager.yaml
+  - tor-controller.yaml
diff --git a/kube/ellenjoe/core/tor-controller.yaml b/kube/ellenjoe/core/tor-controller.yaml
@@ -0,0 +1,10 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+  name: tor-controller
+  namespace: kube-system
+spec:
+  repo: https://bugfest.github.io/tor-controller
+  chart: tor-controller
+  targetNamespace: tor-controller
+  createNamespace: true