53 lines
1.7 KiB
YAML
53 lines
1.7 KiB
YAML
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt-dns01-prod
|
|
spec:
|
|
acme:
|
|
server: https://acme-v02.api.letsencrypt.org/directory
|
|
email: gkpoubelle78@gmail.com
|
|
privateKeySecretRef:
|
|
name: letsencrypt-dns01-prod-key
|
|
solvers:
|
|
# Configuration DNS-01 pour OVH via webhook
|
|
# IMPORTANT: Vous devez installer cert-manager-webhook-ovh avant d'utiliser cette configuration
|
|
# Installation: helm repo add cert-manager-webhook-ovh https://cert-manager.github.io/webhook-ovh
|
|
# helm install cert-manager-webhook-ovh cert-manager-webhook-ovh/cert-manager-webhook-ovh -n cert-manager-ops
|
|
- selector:
|
|
dnsZones:
|
|
- "dev.gkdomaine.fr"
|
|
dns01:
|
|
webhook:
|
|
groupName: acme.gkdomaine.fr
|
|
solverName: ovh
|
|
config:
|
|
endpoint: ovh-eu
|
|
applicationKeyRef:
|
|
name: ovh-credentials
|
|
key: application-key
|
|
applicationSecretRef:
|
|
name: ovh-credentials
|
|
key: application-secret
|
|
consumerKeyRef:
|
|
name: ovh-credentials
|
|
key: consumer-key
|
|
|
|
# Option 4 : Generic (webhook personnalisé)
|
|
# - dns01:
|
|
# webhook:
|
|
# groupName: acme.example.com
|
|
# solverName: my-dns-solver
|
|
# config:
|
|
# # Configuration spécifique au webhook
|
|
|
|
# Option 5 : RFC2136 (DNS dynamique standard)
|
|
# - dns01:
|
|
# rfc2136:
|
|
# nameserver: 8.8.8.8
|
|
# tsigSecretSecretRef:
|
|
# name: rfc2136-credentials
|
|
# key: tsig-secret
|
|
# tsigKeyName: "keyname"
|
|
# tsigAlgorithm: HMACSHA256
|
|
|