diff --git a/clusters/k8s01/cert-manager/clusterIssuer.yaml b/clusters/k8s01/cert-manager/clusterIssuer.yaml new file mode 100644 index 0000000000000000000000000000000000000000..93edd268feb3f8a7c55339e529a22d3b3a2efaec --- /dev/null +++ b/clusters/k8s01/cert-manager/clusterIssuer.yaml @@ -0,0 +1,74 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt +spec: + acme: + email: ENC[AES256_GCM,data:y7p+pz5xHmvFhtDtsWFhETwfeBGjtiiqAaRx+TGk0GliISm8eh+m1XhlhskV1T40,iv:82xoAFuQdjnPVXEftyZeyA5o0YIeuRDCRGaClyhQRjw=,tag:9vUJsgO1KZvuyPwT4qXpVQ==,type:str] + preferredChain: "" + privateKeySecretRef: + name: letsencrypt + server: https://acme-v02.api.letsencrypt.org/directory + solvers: + - selector: + dnsZones: + - ENC[AES256_GCM,data:lI26dQRhgFYWW2JTnUNYeleCfw==,iv:+lB+hEy9ChwYie8VZIiIX0bLSJbxnuFDkpqQdDSIqa4=,tag:KjIflxYwrbEdNwbAYCXmiw==,type:str] + - ENC[AES256_GCM,data:/el0CSdy6qliGRk=,iv:CKVu63JrIk8OworQJ/9JftsiR+Ic/DnqB5Woag4aRBM=,tag:MSVOgT9MJTiGA8BntTaUjA==,type:str] + dns01: + cloudflare: + email: ENC[AES256_GCM,data:V8QbmGQsZjDEnYe76ASfj/ZXOlIM7/OEvovNG0o=,iv:zpTfsCmrlo7NxC/6iOXuP3IB5wjHS34A03R3JqDW798=,tag:pmrFIF9MPlv5gMICaDZZKQ==,type:str] + apiTokenSecretRef: + name: cloudflare-api-token-secret + key: api-token +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-01-21T00:08:17Z" + mac: ENC[AES256_GCM,data:jm8cDYzpYNYWKIAYGk7iHY9oop1CmoTAnkmWPJeINr+/QjFuBcNloC4DAcUTp2PLbP55D9Ueb7mtmNCowzyVoKwF6hk2pw1gSBV1CxFKa5nWHr5YWmoLdGcYJ5vHMZNWg6zQURezPvT9J3Vb9FF7B8Mshld2iwTkC336ojKJmzU=,iv:TRHZmPy3MxZFgw53i3YBMg7nqhHdAl9OisMrx1RSGzg=,tag:PqRAkBLSrl3hYSnC++KF5g==,type:str] + pgp: + - created_at: "2022-01-21T00:02:00Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA7kpg2bgzVHcARAAfDgRmJyR64TCHuJRDu4w9Nf2dIfKT1ctsmQoJRcFuaMB + Xeelg5NkfLgCZ2hZar+ttC4Iv4aOlpa4aDrlHPnW8wPD5BHRO6eV/F6qazV8szDA + w21AnI0Kaa9gTxJUUHXlhXkTQ+pn3Z8X8gVtY45XbplA0T5h4b7k14SO11oipPjZ + n4rp5WUx160y1ZWFDv81tv3RhftFoMo5Quy86V0qwaFsSbcYYJ2Y8k3RhIdNU4VP + lgPofSMDxfF1O/UUSpuQkq9fB0sN2FxRlLDrYycne95hOk45AI81DJPrkW9h/dmK + +Fn1XScW4SZhJHn/7zFvp/DvWyPoj/gSIUhxPvAemxerYdXptc4grayFgf88LVPM + RmXWzp6lhCaBStiZHb58mwypCEMr9s7Wf8e65hZAbeeKp2BFDZyAj0ZP5Ll69xJO + dKgXec15136nEfJ0TkHQitQIWbK8Suyv7TBgQBmgS6n0NLDzdSbzo2SHQmFEX78t + wV64meyExkIfpzHgLmSRHqSD9U/TcJE02UsKLR001PwezZ5DVobk+c36uWksO1iK + mV2h3w44zC5ycEtSHiX/q92DzoXtOfJTzPZcMQvtt0F8yKiJzLp2DuxEl9jUCqEu + nSTWOc3HQowEk48ZncRdC/I3OlKUhqwOsjbelO04Pg9IGExAi/FZ/cCO7Q454SzS + 5gG6puzYyKXDgnfceh4Akbeb9CjSO3PliWROhIXqYIIzR2xZRC0tomw6UNyrCU/a + yQJTwCG8LOZ+myOp7NhgnS3k/mZ+ROZtySLh9n/bLAbMX+K28OR+AA== + =jtt/ + -----END PGP MESSAGE----- + fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601 + - created_at: "2022-01-21T00:02:00Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA4oYbIHZIrAPAQ//cLSydLAzqxMAKzXqVW5gsUp4auulCVKcc/P8z5GvBWhx + GB/MM1E1FKNzhS3Jx/73pfHwkpr2tc3Oi9aIyCEuo+Jppi4YqC9f8K7f+MlkPjJh + d52SxHBuV8mkvZvJJ4Gj19f0fIHoviBy7ru2w5cRKPGfwjr+uKbpB41H6FRkvim9 + YKsrHD0Md6rrHSV0GOQofDXvJoNc9VoBLdbyy2zkGqKf5qelmxXgx633vMKzFEXn + AWhqM/ik/wsJNm7WAzL7SZtnVxRMoAOJwx8sHrtBEVDBSw8PvYPYIMUWdkdR1ifQ + FRIH+r7clzxQVxlP7H0mPse5vil9GsYsUUos0yfWZQ8azKndvn/fVP/sFIcwTk3l + VPU956SofZU3DQCtCGJo3L0mWD4uBUVQsu6zCRn5b+Bdc5SrnsPJ9cSveZ3ojP/h + Lb87uaCypGjPWM2d3OxJHUdGZWZAmnncFxB8D5z0exKJIC9BJpQXtjIAkHamMcNO + ymWWI5g97ThbJTfCNDeUJls+OheoAfCYv/F9x+Jw8erq64bHNv6bn7R0TvO/2ooZ + LUp89Yvuu1zrRrqrERH8Q1UTnlktGcYpQCMsKRO8AqyqtLaVv2bFg9TBgHjhoI7X + v2FmclT6kzBjaJuGZ5VZEPPtqBN4GDwg69GvwPjIJOIyDbTkCfCP/GoPdWtZG7LU + ZgEJAhDH7i8kP6d7FfTLCxrtcdcxbWHyBwcS5vlAFjDhp5ZAnCtFE+32dSV0BgH2 + D9ti8+k9baZWmW9OLxSo1Etv/riEiTZAZols96hMElXVTHyJSxBIuC31EY7fZU7Q + 9RqFkG/wVA== + =yCBH + -----END PGP MESSAGE----- + fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07 + encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?)$ + version: 3.7.1 diff --git a/clusters/k8s01/cert-manager/kustomization.yaml b/clusters/k8s01/cert-manager/kustomization.yaml new file mode 100644 index 0000000000000000000000000000000000000000..22e43b0eb24cacc88dd3b4c3ab75fae91ec51ab3 --- /dev/null +++ b/clusters/k8s01/cert-manager/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- clusterIssuer.yaml diff --git a/clusters/k8s01/cert-manager/secret.yaml b/clusters/k8s01/cert-manager/secret.yaml new file mode 100644 index 0000000000000000000000000000000000000000..195e851625d8c132dba1c365898b7b88a5d3bc42 --- /dev/null +++ b/clusters/k8s01/cert-manager/secret.yaml @@ -0,0 +1,59 @@ +apiVersion: v1 +kind: Secret +metadata: + name: cloudflare-api-token-secret +type: Opaque +stringData: + api-token: ENC[AES256_GCM,data:aQ/7yj96zkUZqcSlgSBGbIULa6BDwj7dNsOquc+Zf6tTFfNeZSqOkw==,iv:sRGYG/vVyU3PxexLJ+G2dMKvrD1+v7x2KiQekd/P4i8=,tag:bpmzzikmBtyiMt8bY/jEVQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-01-21T00:11:26Z" + mac: ENC[AES256_GCM,data:9O3/1xqzfSuU0pJZ0X+qWjmHZzlS4IEzV/uusa/y0ydH3B7eQ2BZ5ANSvc1JcdGW6sxOOU5yyVHDlG2Nza6JpBrVoWdL5Oqa1BCQhjTI4Wv+jxYy7UoWK7bND2VS0GGB4rjA8xFDRuAPJpDSTWPUbwnGQbngSIN5j6AmsgMNcGA=,iv:IuB4rAX0pPLgZQXi6PF3mNf575DPx0AKdBWkfgNFAMQ=,tag:73/Xyc5H8Ic6CJFgOuCLLg==,type:str] + pgp: + - created_at: "2022-01-21T00:08:24Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA7kpg2bgzVHcARAAM3AkMXTBOCOOp6oXkubQtRSFx2ZULIB4mE2oCtU/OXW2 + 7SISIiiPm7pwXdaH414jEQL5WUUYosWlGoN2+Quo4CvxaZ92gfCE8oYKzKAxdiJa + G5YqQUfBfHyx+jWJ7cu4FdLQUWXtFYEGNIQvJ4NN+dXe2V0C3hlZP9LA5hsdQ+lu + L2CB3I2I0dU2SYDy69urBbHBpnocNQAAuIl7J5VfI9QEQ6PIgY6IkDBEuy+Rca+w + yLa8gNhl22rYVdwzV/qQtARLtEFjvHG+pQ6l8BggE/BlPWMcmXR4aovJMHsOf61U + n+s6kqa2u+v8PggBhXEMrpbhBvS7wi3HrGWPptifU1sAPGWDxceSlGtsGTdPk6hs + R5MmaLOsnUXkZqEnBkfsDwHrEIpTSR3m2YKLrtkawHG/P8Nw0UZy/DLr1/Skg842 + KC/kEb5fbQ+XLBJ61EVKQ4hDLGIp5j7UxJZK4D0uodLCyHCm98vNijLBn9CqQbKK + xNU6x5Kci+mJDoMitrk8RQg5RDItNgOJlxftuXDURxOuCxLiG9yW3P/oUmGq/CKa + COfhK/hyyHCvTpzNOKx47X0dy5LhozFvqQvx8WqTm5guTYnhyFsaStJAO6QAq4Xw + lCDIzt5mQz+DMF+bdOEtxylGHWJtFwsg+nLnqB62gQCM/cRYb33Fn4SaixRhA87S + 5gGmHNMT8wbJKbXcmaJWfsrfhOw1uuZt7uWsrkAyhvasgWBLnwkZW5dAoEel8RMO + ZORx7y7ILdgguoXrVfWH2DHkVxa6Hh9588eUrk51K3rHA+Lbu8b+AA== + =6qg+ + -----END PGP MESSAGE----- + fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601 + - created_at: "2022-01-21T00:08:24Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA4oYbIHZIrAPARAAlS0F5saZPiY0bXEtKYtAf0aLBTLBvbQz88NXklrerQr4 + FZ4gsPiwxV9QXS1UQ1hbo8uWjgZ27hl5nvJcekNtnRpQ5fne2Ilk6po1jIUZr6Bj + XrGP18NVEIUzabMJEqNu8qdB4VOHIaDhIPHAbn5PGdSnXQ1wbKEoxAD15DXFQ5jZ + 965pSw6QHA+b+a63UA52YcP7A/I5PqR1feJsAKMiK+EybK7aDn8kxqrfxzh9bT/+ + BHkEcyhObCy97eSF5r4gf62bSwQMpTYt8dNrVXxylXgW8itUxBV4yKQWLfJBK9h3 + MIK47HhVRuI133z8CG2jP8tY08WTkbm6ocjqeckgAARcww0frMA1a+r9gfxWD4md + qwvsUEPJtO3H2PCkVN9nREHjLDlJQqdHwQP2230NgTAsxdgpjUjy5JsD6RnhHNEW + Eu+HGp/IPiq7YQ57jOIcMKUPenuVzLoNg6jWSH8XyMrPNfEFpxTEFzMcz9bX81uC + SygHzwe6wuBJjvI1JsVlXp8b73etwtSijfPPMg6QS6tRGpLFArayMC/G3gRTMjXk + NQPMDJyGlWJejkBl5XXE+MnxAdbmMFssoZaffr/FSb9bQ/LTpM4fvgae675otSE1 + c+6sJiDDxQAnXD7Vdd1OWbKXw864TebtNw0ARHrWI3zhfk4u79+WtqSu/7Lxe4XU + aAEJAhCtSi3m8Pm/MGNVH7Zh0wuq0zvqdCi8d6KW2l/XibQQG2eqmCThTkfV8tnD + t2NbrWTB5tn6o5I5HkrS3RcDFyBpW7AnB5IMUREwqB+q7aM8xvv5TPj69LlwG7hi + njb4QhuyztZe + =eS8Z + -----END PGP MESSAGE----- + fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07 + encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|hosts?|tang)$ + version: 3.7.1