fix: own tls cert and issuer

helm/webapp/templates/ingress.yaml

@@ -20,6 +20,7 @@ metadata:
     {{- include "webapp.labels" . | nindent 4 }}
   annotations:
     kubernetes.io/ingress.class: nginx
+    cert-manager.io/issuer: "{{ .Values.cert.issuer.name }}-webapp"
     nginx.ingress.kubernetes.io/use-regex: "true"
     nginx.ingress.kubernetes.io/ssl-redirect: "true"
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"

helm/webapp/templates/issuer-letsencrypt.yaml

@@ -0,0 +1,15 @@
+{{- $fullName := include "reader.fullname" . -}}
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: "{{ .Values.cert.issuer.name }}-webapp"
+spec:
+  acme:
+    server: {{ .Values.cert.acme.server }}
+    email: {{ .Values.cert.acme.email }}
+    privateKeySecretRef:
+      name: {{ .Values.cert.issuer.name }}
+    solvers:
+      - http01:
+          ingress:
+            name: "{{ $fullName }}"

helm/webapp/values-demo-0.yaml

@@ -8,3 +8,9 @@ ingress:
     - secretName: secret-webapp-tls-server
       hosts:
         - awakari.com
+
+cert:
+  acme:
+    server: "https://acme-v02.api.letsencrypt.org/directory"
+  issuer:
+    name: letsencrypt

helm/webapp/values.yaml

@@ -74,3 +74,10 @@ nodeSelector: {}
 tolerations: []
 
 affinity: {}
+
+cert:
+  acme:
+    email: "awakari@awakari.com"
+    server: "https://acme-staging-v02.api.letsencrypt.org/directory"
+  issuer:
+    name: letsencrypt-staging