Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ans-group/cert-manager-webhook-safedns


https://github.com/ans-group/cert-manager-webhook-safedns

cert-manager-webhook

Last synced: about 2 months ago
JSON representation

Awesome Lists containing this project

README 

        
# cert-manager-webhook-safedns



### Installing



The webhook can be installed with Helm as below:



* `helm repo add ans https://ans-group.github.io/helm-charts`

* `helm repo update`

* `helm install cert-manager-webhook-safedns ans/cert-manager-webhook-safedns`



> :warning: Installing via Helm currently requires Kubernetes `v1.17.0` and above (due to missing permissions in `extension-apiserver-authentication-reader`).

  this can be worked around by either creating a new role/role binding, or adding the following permissions to the `extension-apiserver-authentication-reader` role:



```

- apiGroups:

  - ""

  resourceNames:

  - extension-apiserver-authentication

  resources:

  - configmaps

  verbs:

  - list

- apiGroups:

  - ""

  resourceNames:

  - extension-apiserver-authentication

  resources:

  - configmaps

  verbs:

  - watch

```



Helm values can be found within the [chart repository](https://github.com/ans-group/helm-charts/tree/master/charts/cert-manager-webhook-safedns)



### Getting started



The SafeDNS webhook requires an API key with read/write permissions. This should be obtained via the ANS Portal before continuing



First, we'll create a `Secret` containing our API key:



```

kubectl create secret generic safedns-api-key --from-literal=api_key=

```



Next, we'll configure a LetsEncrypt `Issuer` using the SafeDNS `solver`:



```

cat <