Dustin C. Hatch
a443929c0c
Now that the reverse proxy for Internet-facing sites uses TLS passthrough, the certificate for the _darkchestofwonders.us_ Ingress needs to be correct. Since Ingress resources can only use either the default certificate (_*.pyrocufflink.blue_) or a certificate from their same namespace, we have to move the Certificate and its corresponding Secret into the _websites_ namespace. Fortunately, this is easy enoug to do, by setting the appropriate annotations on the Ingress. To keep the existing certificate (until it expires), I moved the Secret manually: ```sh kubectl get secret dcow-cert -o yaml | grep -v namespace | kubectl create -n websites -f - ```