Skip to content

cert_manager_crds

This plugin sets up the necessary Kubernetes objects to connect cert_manager with Let's Encrypt. By default, this plugin works with Let's Encrypt's staging API to avoid issues with blacklisting. To use the production API (i.e. to get valid certificates), change the value of config.environment to prod.

Configuration

# defaults
commands:
  install:
    script:
      - ansible-playbook k8s_letsencrypt.yml
  uninstall:
    script:
      - ansible-playbook k8s_letsencrypt.yml
namespace: cloudstack
version: latest
config:
  environment: staging|prod (default: staging)
  environments:
    - name: staging
      server: https://acme-staging-v02.api.letsencrypt.org/directory
    - name: prod
      server: https://acme-v02.api.letsencrypt.org/directory
  issuers:
    dns01:
      enabled: false
      provider: letsencrypt
      solver: cloudflare
      zone: ""
    http01:
      enabled: true
      provider: letsencrypt
  mail: ""

Last update: June 8, 2022