From 461ecccbb7ff82992f93c58e93596fd7965ef097 Mon Sep 17 00:00:00 2001
From: Conan Scott
Date: Fri, 12 Dec 2025 22:43:23 +1100
Subject: [PATCH] Added secret and cluster issuer
---
01-cloudflare-token-secret.sh | 3 +++
02-cloudflare-dns01-cluster-issuer.yaml | 19 +++++++++++++++++++
03-cert-test.yaml | 11 +++++++++++
3 files changed, 33 insertions(+)
create mode 100755 01-cloudflare-token-secret.sh
create mode 100644 02-cloudflare-dns01-cluster-issuer.yaml
create mode 100644 03-cert-test.yaml
diff --git a/01-cloudflare-token-secret.sh b/01-cloudflare-token-secret.sh
new file mode 100755
index 0000000..7cc14cc
--- /dev/null
+++ b/01-cloudflare-token-secret.sh
@@ -0,0 +1,3 @@
+oc create secret generic cloudflare-api-token-secret \
+ --from-literal=api-token='L7LuxQa-5vrAFVkAyF1OtbuFrHMgwm8oralYWQJF' \
+ -n openshift-operators
diff --git a/02-cloudflare-dns01-cluster-issuer.yaml b/02-cloudflare-dns01-cluster-issuer.yaml
new file mode 100644
index 0000000..1ee4d90
--- /dev/null
+++ b/02-cloudflare-dns01-cluster-issuer.yaml
@@ -0,0 +1,19 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-dns01-cloudflare
+spec:
+ acme:
+ # Let's Encrypt production endpoint
+ server: https://acme-v02.api.letsencrypt.org/directory
+ email: conanscott@gmail.com
+ privateKeySecretRef:
+ # cert-manager will create and store the account key here
+ name: letsencrypt-cloudflare-account-key
+ solvers:
+ - dns01:
+ cloudflare:
+ # This references a secret with your Cloudflare API token
+ apiTokenSecretRef:
+ name: cloudflare-api-token-secret
+ key: api-token
diff --git a/03-cert-test.yaml b/03-cert-test.yaml
new file mode 100644
index 0000000..a6e7bf4
--- /dev/null
+++ b/03-cert-test.yaml
@@ -0,0 +1,11 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: example-cert
+spec:
+ secretName: example-tls
+ issuerRef:
+ name: letsencrypt-dns01-cloudflare
+ kind: ClusterIssuer
+ dnsNames:
+ - certmanager-test.apilab.us
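Review bot: The `--from-literal=api-token='…'` line in 01-cloudflare-token-secret.sh commits what looks like a live Cloudflare API token in plain text, so anyone who can read the repository or its history can use it. The token should be treated as exposed and revoked in Cloudflare, because deleting it in a later commit does not remove it from history. Read the value at run time instead, e.g. `--from-literal=api-token="${CLOUDFLARE_API_TOKEN:?CLOUDFLARE_API_TOKEN is not set}" \`, or use `--from-file=api-token=<path-to-token-file>`, which also keeps the value out of the process argument list. The script has no shebang or error handling either; opening with `#!/usr/bin/env bash` and `set -euo pipefail` would make a failed `oc` call visible.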
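Review bot: The `dns01` solver in 02-cloudflare-dns01-cluster-issuer.yaml has no `selector`, and a ClusterIssuer can be referenced from every namespace, so any user who can create a Certificate anywhere in the cluster can obtain production certificates for whatever names the Cloudflare token is allowed to edit. Restrict the solver to the intended zone by adding `selector: {dnsZones: ['apilab.us']}` alongside `dns01:` (zone taken from the test certificate in this patch), and scope the token itself to DNS edit on that zone only. `apiTokenSecretRef` carries no namespace because cert-manager resolves ClusterIssuer secrets in its cluster resource namespace; the script in this patch creates the secret in `openshift-operators`, which presumably is where the controller runs, so a comment such as `# secret must live in cert-manager's cluster resource namespace` would record that dependency. Since the patch also adds a test certificate, pointing `server:` at `https://acme-staging-v02.api.letsencrypt.org/directory` until issuance works would avoid production rate limits.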
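Review bot: `metadata` in 03-cert-test.yaml sets no `namespace`, so the Certificate and the `example-tls` secret holding its private key are created in whichever project happens to be current when the file is applied. Pin it with `namespace: <test-namespace>` under `metadata:` (placeholder value), and add a comment such as `# throwaway issuance check; delete after it becomes Ready` so the key material is not left behind. Because the referenced issuer uses the production ACME endpoint, the test hostname will also be recorded in public Certificate Transparency logs.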