cert-manager-webhook-nextlayer

command module

v0.0.0-...-2eeed95 Latest Latest Go to latest Published: Nov 17, 2021 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/nextlayergmbh/cert-manager-webhook-nextlayer

Links

Open Source Insights

README ¶

ACME Webhook for next layer DNS

This project provides a cert-manager ACME Webhook for next layer DNS and is based on the Example Webhook.

Requirements

helm >= v3.0.0
kubernetes >= v1.14.0
cert-manager >= 0.12.0

Configuration

The following table lists the configurable parameters of the cert-manager chart and their default values.

Parameter	Description	Default
`groupName`	Group name of the API service.	`dns.nextlayer.at`
`certManager.namespace`	Namespace where cert-manager is deployed to.	`kube-system`
`certManager.serviceAccountName`	Service account of cert-manager installation.	`cert-manager`
`image.repository`	Image repository	`registry.nextlayer.at/nextlayer/cert-manager-webhook-nextlayer`
`image.tag`	Image tag	`latest`
`image.pullPolicy`	Image pull policy	`Always`
`service.type`	API service type	`ClusterIP`
`service.port`	API service port	`443`
`resources`	CPU/memory resource requests/limits	`{}`
`nodeSelector`	Node labels for pod assignment	`{}`
`affinity`	Node affinity for pod assignment	`{}`
`tolerations`	Node tolerations for pod assignment	`[]`

Installation

cert-manager

Follow the instructions using the cert-manager documentation to install it within your cluster.

Webhook

By cloning the repo

git clone https://github.com/nextlayergmbh/cert-manager-webhook-nextlayer.git
cd cert-manager-webhook-nextlayer
helm install --namespace cert-manager cert-manager-webhook-nextlayer ./deploy/cert-manager-webhook-nextlayer

By adding the helm repo

helm repo add nextlayercm https://nextlayergmbh.github.io/cert-manager-webhook-nextlayer/
helm repo update
helm install --namespace cert-manager nextlayercm/cert-manager-webhook-nextlayer

Note: The kubernetes resources used to install the Webhook should be deployed within the same namespace as the cert-manager.

To uninstall the webhook run

helm uninstall --namespace cert-manager cert-manager-webhook-nextlayer

Issuer

Create a ClusterIssuer or Issuer resource as following:

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging
spec:
  acme:
    # The ACME server URL
    server: https://acme-staging-v02.api.letsencrypt.org/directory

    # Email address used for ACME registration
    email: mail@example.com # REPLACE THIS WITH YOUR EMAIL

    # Name of a secret used to store the ACME account private key
    privateKeySecretRef:
      name: letsencrypt-staging

    solvers:
      - dns01:
          webhook:
            groupName: dns.nextlayer.at
            solverName: nextlayer
            config:
              APIKey: <YOUR-DNS-API-KEY-HERE>

Credentials

For accessing the next layer DNS API, you need an API Token which you can request via the next layer support. Currently we don't provide a way to use secrets for you API KEY.

Thanks

Thanks to mecodia GmbH and Stephan Müller whose project served as an example for cert-manager-webhook-nextlayer.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
example package example contains a self-contained example of a webhook that passes the cert-manager DNS conformance tests	package example contains a self-contained example of a webhook that passes the cert-manager DNS conformance tests

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL