separate certificate for k8s dashboard (because of different namespace)

2026-01-11 09:59:43 +00:00 · 2018-07-22 17:16:04 +07:00 · 2018-07-22 17:16:04 +07:00 · 2f9f7339ec
commit 2f9f7339ec
parent c0ce99ec33
2 changed files with 18 additions and 3 deletions
--- a/certificate.yaml
+++ b/certificate.yaml
@ -15,7 +15,6 @@ spec:
  - git.gorilych.ru
  - jira.gorilych.ru
  - jupyter.gorilych.ru
  - k8s.gorilych.ru
  - router.gorilych.ru
  - seafile.gorilych.ru
  # w/a for rewrite-target from https://github.com/jetstack/cert-manager/issues/286#issuecomment-361033891
@ -28,7 +27,6 @@ spec:
      - git.gorilych.ru
      - jira.gorilych.ru
      - jupyter.gorilych.ru
      - k8s.gorilych.ru
      - router.gorilych.ru
      - seafile.gorilych.ru
--- a/k8s-dashboard-ingress.yaml
+++ b/k8s-dashboard-ingress.yaml
@ -1,11 +1,28 @@
 ---
 apiVersion: certmanager.k8s.io/v1alpha1
 kind: Certificate
 metadata:
  name: k8s-gorilych-ru-certificate
  namespace: kube-system
 spec:
  secretName: k8s-gorilych-ru-tls
  issuerRef:
    name: letsencrypt
    kind: ClusterIssuer
  commonName: k8s.gorilych.ru
  # w/a for rewrite-target from https://github.com/jetstack/cert-manager/issues/286#issuecomment-361033891
  acme:
    config:
    - http01: { ingressClass: nginx }
      domains:
      - k8s.gorilych.ru
 ---
 apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
  name: kubernetes-dashboard
  namespace: kube-system
  annotations:
    kubernetes.io/tls-acme: "true"
    nginx.ingress.kubernetes.io/secure-backends: "true"
 spec:
  tls: