45 lines
1.2 KiB
YAML
45 lines
1.2 KiB
YAML
---
|
|
|
|
- name: Helm add Jetstack repo
|
|
delegate_to: "{{ kubectl_host }}"
|
|
run_once: true
|
|
kubernetes.core.helm_repository:
|
|
name: jetstack
|
|
repo_url: "https://charts.jetstack.io"
|
|
|
|
- name: Helm deploy Jetstack Cert-Manager
|
|
delegate_to: "{{ kubectl_host }}"
|
|
kubernetes.core.helm:
|
|
kubeconfig: "{{ kubeconfig }}"
|
|
chart_ref: jetstack/cert-manager
|
|
release_name: cert-manager
|
|
release_namespace: cert-manager
|
|
create_namespace: true
|
|
wait: true
|
|
# https://github.com/cert-manager/cert-manager/blob/master/deploy/charts/cert-manager/values.yaml
|
|
values:
|
|
installCRDs: true
|
|
startupapicheck:
|
|
timeout: 10m
|
|
|
|
- name: Deploy cluster issuer
|
|
delegate_to: "{{ kubectl_host }}"
|
|
kubernetes.core.k8s:
|
|
kubeconfig: "{{ kubeconfig }}"
|
|
resource_definition:
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt-prod
|
|
namespace: default
|
|
spec:
|
|
acme:
|
|
email: "{{ letsencrypt_email }}"
|
|
server: https://acme-v02.api.letsencrypt.org/directory
|
|
privateKeySecretRef:
|
|
name: letsencrypt-prod-private-key
|
|
solvers:
|
|
- http01:
|
|
ingress:
|
|
class: traefik
|