From 2305187bbdb32e4b408eef5c6e22b2aaf460cdae Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Sun, 7 May 2023 15:11:34 -0500 Subject: [PATCH] cert-manager: Add certificate for hatch.chat The certificate for *hatch.chat* is used by Synapse (Matrix homeserver). --- cert-manager/cert-exporter.yaml | 6 ++++++ cert-manager/certificates.yaml | 18 ++++++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/cert-manager/cert-exporter.yaml b/cert-manager/cert-exporter.yaml index 83cc880..3f7c70e 100644 --- a/cert-manager/cert-exporter.yaml +++ b/cert-manager/cert-exporter.yaml @@ -23,6 +23,11 @@ data: namespace: default key: acme.sh/dustin.hatch.name/dustin.hatch.name.key cert: acme.sh/dustin.hatch.name/fullchain.cer + - name: hatchchat-cert + namespace: default + key: certificates/hatch.chat.key + cert: certificates/hatch.chat.crt + bundle: certificates/hatch.chat.pem known-hosts-command.ssh_config: | KnownHostsCommand /usr/bin/curl -fsL https://files.pyrocufflink.blue/ssh_known_hosts @@ -41,6 +46,7 @@ rules: resourceNames: - pyrocufflink-cert - dustinhatchname-cert + - hatchchat-cert --- apiVersion: rbac.authorization.k8s.io/v1 diff --git a/cert-manager/certificates.yaml b/cert-manager/certificates.yaml index 65eaf05..add8ed6 100644 --- a/cert-manager/certificates.yaml +++ b/cert-manager/certificates.yaml @@ -34,3 +34,21 @@ spec: privateKey: algorithm: ECDSA rotationPolicy: Always + +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: hatchchat-cert +spec: + secretName: hatchchat-cert + dnsNames: + - hatch.chat + - '*.hatch.chat' + issuerRef: + group: cert-manager.io + kind: ClusterIssuer + name: zerossl + privateKey: + algorithm: ECDSA + rotationPolicy: Always