cert-manager-webhook-dnspod

command module

v1.3.0 Latest Latest Go to latest Published: Nov 27, 2023 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/imroc/cert-manager-webhook-dnspod

Links

Open Source Insights

README ¶

cert-manager-webhook-dnspod

This is a cert-manager webhook solver for DNSPod.

Prerequisites

cert-manager >= 1.13.0

Installation

Helm

Generate SecretId and SecretKey in Cloud API

$ git clone https://github.com/imroc/cert-manager-webhook-dnspod.git
$ cd cert-manager-webhook-dnspod
$ helm upgrade --install cert-manager-webhook-dnspod ./chart \
    --namespace cert-manager \
    --set clusterIssuer.secretId=<SECRET_ID> \
    --set clusterIssuer.secretKey=<SECRET_KEY>

Notice: secretId, secretKey is not DNSPod secret, it's tencent cloud secret!

Then create certificate referring auto-created ClusterIssuer:

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: example-crt
spec:
  secretName: example-crt
  issuerRef:
    name: dnspod
    kind: ClusterIssuer
    group: cert-manager.io
  dnsNames:
    - "example.com"
    - "*.example.com"

Kubectl Apply

Use kubectl apply to install:

kubectl apply -f https://raw.githubusercontent.com/imroc/cert-manager-webhook-dnspod/master/bundle.yaml

Create a secret that contains TencentCloud account's SecretKey:

apiVersion: v1
stringData:
  secret-key: ******
kind: Secret
metadata:
  name: dnspod-secret
  namespace: cert-manager
type: Opaque

base64 is not need in stringData.

Create a ClusterIssuer referring the secret:

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: dnspod
spec:
  acme:
    email: roc@imroc.cc
    preferredChain: ""
    privateKeySecretRef:
      name: dnspod-letsencrypt
    server: https://acme-v02.api.letsencrypt.org/directory
    solvers:
      - dns01:
          webhook:
            config:
              secretId: ************************************
              secretKeyRef:
                key: secret-key
                name: dnspod-secret
              ttl: 600
            groupName: acme.imroc.cc
            solverName: dnspod

secretId is the SecretId of your TencentCloud account.

Create the Certificate you want:

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: example-crt
spec:
  secretName: example-crt
  issuerRef:
    name: dnspod
    kind: ClusterIssuer
    group: cert-manager.io
  dnsNames:
    - "example.com"
    - "*.example.com"

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL