m0e/datatroniq_challenge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed url typos and switched to prod clusterissuer

Browse Source
This commit is contained in:
m0e 2025-10-30 16:03:46 +01:00
parent 173f7e7d7a
commit 13dbc99d1a
Signed by: m0e
GPG Key ID: 3CCA6D483D789AEB
4 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/roles/k3s/tasks/main.yml
View File

@ -68,7 +68,7 @@
# Download kubeconfig for remote access
- name: Fetch kubconfig
ansible.builtin.fetch:
ansible.builtin.fetch:
src: /etc/rancher/k3s/k3s.yaml
dest: ../kubeconfig
flat: yes

4
ansible/roles/k8s-cert-manager/files/clusterissuer-prod.yaml
View File

@ -1,13 +1,13 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
name: letsencrypt-prod
spec:
acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory
email: admin@nyxsec.de
privateKeySecretRef:
name: letsencrypt-staging
name: letsencrypt-prod
solvers:
- http01:
ingress:

16
ansible/roles/k8s-kube-prom-stack/files/values.yaml
View File

@ -604,7 +604,7 @@ alertmanager:
annotations:
kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt-staging
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/auth-type: basic
nginx.ingress.kubernetes.io/auth-secret: ingress-secret
nginx.ingress.kubernetes.io/auth-realm: 'Please login'
@ -637,7 +637,7 @@ alertmanager:
tls:
- secretName: alertmanager-general-tls
hosts:
- alertmanager.moritz.agitroniq.net
- alertmanager.moritz.agitronic.net
# -- BETA: Configure the gateway routes for the chart here.
# More routes can be added by adding a dictionary key like the 'main' route.
@ -1331,7 +1331,7 @@ grafana:
annotations:
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt-staging
cert-manager.io/cluster-issuer: letsencrypt-prod
#
# ## Labels to be added to the Ingress
# ##
@ -1341,7 +1341,7 @@ grafana:
# ## Must be provided if Ingress is enable.
# ##
hosts:
- grafana.moritz.agitroniq.net
- grafana.moritz.agitronic.net
## Path for grafana ingress
path: /
@ -1352,7 +1352,7 @@ grafana:
tls:
- secretName: grafana-general-tls
hosts:
- grafana.moritz.agitroniq.net
- grafana.moritz.agitronic.net
# # To make Grafana persistent (Using Statefulset)
# #
@ -3728,7 +3728,7 @@ prometheus:
annotations:
kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt-staging
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/auth-type: basic
nginx.ingress.kubernetes.io/auth-secret: ingress-secret
nginx.ingress.kubernetes.io/auth-realm: 'Please login'
@ -3741,7 +3741,7 @@ prometheus:
## Must be provided if Ingress is enabled.
##
hosts:
- prometheus.moritz.agitroniq.net
- prometheus.moritz.agitronic.net
## Paths to use for ingress rules - one path should match the prometheusSpec.routePrefix
##
@ -3758,7 +3758,7 @@ prometheus:
tls:
- secretName: prometheus-general-tls
hosts:
- prometheus.moritz.agitroniq.net
- prometheus.moritz.agitronic.net
# -- BETA: Configure the gateway routes for the chart here.
# More routes can be added by adding a dictionary key like the 'main' route.

4
ansible/roles/k8s-wordpress/files/values.yaml
View File

@ -633,7 +633,7 @@ ingress:
ingressClassName: "nginx"
## @param ingress.hostname Default host for the ingress record. The hostname is templated and thus can contain other variable references.
##
hostname: wordpress.moritz.agitroniq.net
hostname: wordpress.moritz.agitronic.net
## @param ingress.path Default path for the ingress record
## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers
##
@ -647,7 +647,7 @@ ingress:
## e.g:
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: letsencrypt-staging
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/enable-modsecurity: 'true'
nginx.ingress.kubernetes.io/modsecurity-snippet: |
SecRuleEngine On