m0e/datatroniq_challenge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed url typos and switched to prod clusterissuer

Browse Source
This commit is contained in:
m0e 2025-10-30 16:03:46 +01:00
parent 173f7e7d7a
commit 13dbc99d1a
Signed by: m0e
GPG Key ID: 3CCA6D483D789AEB
4 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ansible/roles/k8s-cert-manager/files/clusterissuer-prod.yaml
View File

@ -1,13 +1,13 @@
apiVersion: cert-manager.io/v1 apiVersion: cert-manager.io/v1
kind: ClusterIssuer kind: ClusterIssuer
metadata: metadata:
name: letsencrypt-staging name: letsencrypt-prod
spec: spec:
acme: acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory server: https://acme-staging-v02.api.letsencrypt.org/directory
email: admin@nyxsec.de email: admin@nyxsec.de
privateKeySecretRef: privateKeySecretRef:
name: letsencrypt-staging name: letsencrypt-prod
solvers: solvers:
- http01: - http01:
ingress: ingress:

16
ansible/roles/k8s-kube-prom-stack/files/values.yaml
View File

@ -604,7 +604,7 @@ alertmanager:
annotations: annotations:
kubernetes.io/tls-acme: "true" kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt-staging cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/auth-type: basic nginx.ingress.kubernetes.io/auth-type: basic
nginx.ingress.kubernetes.io/auth-secret: ingress-secret nginx.ingress.kubernetes.io/auth-secret: ingress-secret
nginx.ingress.kubernetes.io/auth-realm: 'Please login' nginx.ingress.kubernetes.io/auth-realm: 'Please login'
@ -637,7 +637,7 @@ alertmanager:
tls: tls:
- secretName: alertmanager-general-tls - secretName: alertmanager-general-tls
hosts: hosts:
- alertmanager.moritz.agitroniq.net - alertmanager.moritz.agitronic.net
# -- BETA: Configure the gateway routes for the chart here. # -- BETA: Configure the gateway routes for the chart here.
# More routes can be added by adding a dictionary key like the 'main' route. # More routes can be added by adding a dictionary key like the 'main' route.
@ -1331,7 +1331,7 @@ grafana:
annotations: annotations:
kubernetes.io/ingress.class: nginx kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true" kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt-staging cert-manager.io/cluster-issuer: letsencrypt-prod
# #
# ## Labels to be added to the Ingress # ## Labels to be added to the Ingress
# ## # ##
@ -1341,7 +1341,7 @@ grafana:
# ## Must be provided if Ingress is enable. # ## Must be provided if Ingress is enable.
# ## # ##
hosts: hosts:
- grafana.moritz.agitroniq.net - grafana.moritz.agitronic.net
## Path for grafana ingress ## Path for grafana ingress
path: / path: /
@ -1352,7 +1352,7 @@ grafana:
tls: tls:
- secretName: grafana-general-tls - secretName: grafana-general-tls
hosts: hosts:
- grafana.moritz.agitroniq.net - grafana.moritz.agitronic.net
# # To make Grafana persistent (Using Statefulset) # # To make Grafana persistent (Using Statefulset)
# # # #
@ -3728,7 +3728,7 @@ prometheus:
annotations: annotations:
kubernetes.io/tls-acme: "true" kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt-staging cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/auth-type: basic nginx.ingress.kubernetes.io/auth-type: basic
nginx.ingress.kubernetes.io/auth-secret: ingress-secret nginx.ingress.kubernetes.io/auth-secret: ingress-secret
nginx.ingress.kubernetes.io/auth-realm: 'Please login' nginx.ingress.kubernetes.io/auth-realm: 'Please login'
@ -3741,7 +3741,7 @@ prometheus:
## Must be provided if Ingress is enabled. ## Must be provided if Ingress is enabled.
## ##
hosts: hosts:
- prometheus.moritz.agitroniq.net - prometheus.moritz.agitronic.net
## Paths to use for ingress rules - one path should match the prometheusSpec.routePrefix ## Paths to use for ingress rules - one path should match the prometheusSpec.routePrefix
## ##
@ -3758,7 +3758,7 @@ prometheus:
tls: tls:
- secretName: prometheus-general-tls - secretName: prometheus-general-tls
hosts: hosts:
- prometheus.moritz.agitroniq.net - prometheus.moritz.agitronic.net
# -- BETA: Configure the gateway routes for the chart here. # -- BETA: Configure the gateway routes for the chart here.
# More routes can be added by adding a dictionary key like the 'main' route. # More routes can be added by adding a dictionary key like the 'main' route.

4
ansible/roles/k8s-wordpress/files/values.yaml
View File

@ -633,7 +633,7 @@ ingress:
ingressClassName: "nginx" ingressClassName: "nginx"
## @param ingress.hostname Default host for the ingress record. The hostname is templated and thus can contain other variable references. ## @param ingress.hostname Default host for the ingress record. The hostname is templated and thus can contain other variable references.
## ##
hostname: wordpress.moritz.agitroniq.net hostname: wordpress.moritz.agitronic.net
## @param ingress.path Default path for the ingress record ## @param ingress.path Default path for the ingress record
## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers ## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers
## ##
@ -647,7 +647,7 @@ ingress:
## e.g: ## e.g:
annotations: annotations:
kubernetes.io/ingress.class: nginx kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: letsencrypt-staging cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/enable-modsecurity: 'true' nginx.ingress.kubernetes.io/enable-modsecurity: 'true'
nginx.ingress.kubernetes.io/modsecurity-snippet: | nginx.ingress.kubernetes.io/modsecurity-snippet: |
SecRuleEngine On SecRuleEngine On