| # Copyright (c) 2024 VEXXHOST, Inc. |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); you may |
| # not use this file except in compliance with the License. You may obtain |
| # a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
| # License for the specific language governing permissions and limitations |
| # under the License. |
| |
| cluster_issuer_name: "{{ atmosphere_ingress_cluster_issuer }}" |
| cluster_issuer_type: acme |
| |
| cluster_issuer_acme_private_ca: false |
| |
| cluster_issuer_acme_server: https://acme-v02.api.letsencrypt.org/directory |
| # cluster_issuer_acme_email: |
| cluster_issuer_acme_private_key_secret_name: cert-manager-issuer-account-key |
| |
| cluster_issuer_acme_solver: http01 |
| |
| cluster_issuer_acme_http01_ingress_class: "{{ atmosphere_ingress_class_name }}" |
| |
| cluster_issuer_acme_cloudflare_secret_name: cloudflare-api-token |
| cluster_issuer_acme_cloudflare_email: "{{ cluster_issuer_acme_email }}" |
| # cluster_issuer_acme_cloudflare_api_token: <CLOUDFLARE_API_TOKEN> |
| |
| cluster_issuer_venafi_secret_name: cert-manager-venafi-credentials |
| # cluster_issuer_venafi_ca: |
| # cluster_issuer_venafi_access_token: |
| # cluster_issuer_venafi_username: |
| # cluster_issuer_venafi_password: |
| # cluster_issuer_venafi_zone: |
| # cluster_issuer_venafi_tpp_url: |
| # cluster_issuer_venafi_tpp_ca_bundle: |
| |
| cluster_issuer_acme_rfc2136_secret_name: cert-manager-issuer-tsig-secret-key |
| # cluster_issuer_acme_rfc2136_nameserver: <NAMESERVER>:<PORT> |
| # cluster_issuer_acme_rfc2136_tsig_algorithm: <ALGORITHM> |
| # cluster_issuer_acme_rfc2136_tsig_key_name: <KEY_NAME> |
| # cluster_issuer_acme_rfc2136_tsig_secret_key: <SECRET_KEY> |
| |
| cluster_issuer_acme_route53_secret_name: cert-manager-issuer-route53-credentials |
| # cluster_issuer_acme_route53_region: <REGION> |
| # cluster_issuer_acme_route53_hosted_zone_id: <HOSTED_ZONE_ID> |
| # cluster_issuer_acme_route53_access_key_id: <AWS_ACCESS_KEY_ID> |
| # cluster_issuer_acme_route53_secret_access_key: <AWS_SECRET_ACCESS_KEY> |
| |
| cluster_issuer_acme_godaddy_helm_release_name: cert-manager-webhook-godaddy |
| cluster_issuer_acme_godaddy_helm_chart_path: "../../charts/godaddy-webhook/" |
| cluster_issuer_acme_godaddy_helm_chart_ref: /usr/local/src/godaddy-webhook |
| cluster_issuer_acme_godaddy_helm_release_namespace: cert-manager |
| cluster_issuer_acme_godaddy_helm_values: {} |
| |
| cluster_issuer_acme_godaddy_group_name: godaddy.cert-manager.atmosphere.dev |
| cluster_issuer_acme_godaddy_secret_name: godaddy-api-key |
| cluster_issuer_acme_godaddy_role_name: webhook-godaddy:secret-reader |
| cluster_issuer_acme_godaddy_role_binding_name: "{{ cluster_issuer_acme_godaddy_role_name }}" |
| cluster_issuer_acme_godaddy_service_account_name: "{{ cluster_issuer_acme_godaddy_helm_release_name }}" |
| cluster_issuer_acme_godaddy_is_production: true |
| cluster_issuer_acme_godaddy_ttl: 600 |
| # cluster_issuer_acme_godaddy_api_key: <GODADDY_API_KEY> |
| # cluster_issuer_acme_godaddy_secret_key: <GODADDY_SECRET_KEY> |
| |
| cluster_issuer_acme_infoblox_helm_release_name: cert-manager-webhook-infoblox-wapi |
| cluster_issuer_acme_infoblox_helm_chart_path: "../../charts/cert-manager-webhook-infoblox-wapi/" |
| cluster_issuer_acme_infoblox_helm_chart_ref: /usr/local/src/cert-manager-webhook-infoblox-wapi |
| cluster_issuer_acme_infoblox_helm_release_namespace: cert-manager |
| cluster_issuer_acme_infoblox_helm_values: {} |
| |
| cluster_issuer_acme_infoblox_group_name: infoblox.cert-manager.atmosphere.dev |
| cluster_issuer_acme_infoblox_secret_name: cert-manager-issuer-infoblox-credentials |
| cluster_issuer_acme_infoblox_role_name: webhook-infoblox-wapi:secret-reader |
| cluster_issuer_acme_infoblox_role_binding_name: "{{ cluster_issuer_acme_infoblox_role_name }}" |
| cluster_issuer_acme_infoblox_service_account_name: "{{ cluster_issuer_acme_infoblox_helm_release_name }}" |
| # cluster_issuer_acme_infoblox_view: <VIEW> |
| # cluster_issuer_acme_infoblox_host: <HOST> |
| # cluster_issuer_acme_infoblox_username: <USERNAME> |
| # cluster_issuer_acme_infoblox_password: <PASSWORD> |
| |
| cluster_issuer_ca_secret_name: cert-manager-issuer-ca |
| # cluster_issuer_ca_certificate: | |
| # -----BEGIN CERTIFICATE----- |
| # MIIDBjCCAe4CCQDQ3Z0Z2Z0Z0jANBgkqhkiG9w0BAQsFADCBhTELMAkGA1UEBhMC |
| # VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28x |
| # ... |
| # -----END CERTIFICATE----- |
| # cluster_issuer_ca_private_key: | |
| # -----BEGIN RSA PRIVATE KEY----- |
| # MIIEpAIBAAKCAQEAw3Z0Z2Z0Z0jANBgkqhkiG9w0BAQsFADCBhTELMAkGA1UEBhMC |
| # VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28x |
| # ... |
| # -----END RSA PRIVATE KEY----- |
| |
| cluster_issuer_self_signed_certificate_name: self-signed-ca |
| cluster_issuer_self_signed_secret_name: cert-manager-selfsigned-ca |
| |
| cluster_issuer_acme_azuredns_secret_name: cert-manager-issuer-azuredns-credentials |
| cluster_issuer_acme_azuredns_environment: AzurePublicCloud |
| # cluster_issuer_acme_azuredns_client_id: |
| # cluster_issuer_acme_azuredns_client_secret: |
| # cluster_issuer_acme_azuredns_subscription_id: |
| # cluster_issuer_acme_azuredns_tenant_id: |
| # cluster_issuer_acme_azuredns_resourcegroup_name: |
| # cluster_issuer_acme_azuredns_hostedzone_name: |