From 078e1abe6ab12e65bd04f830b4ba2dbdd4560449 Mon Sep 17 00:00:00 2001
From: Christian Lempa <christian.lempa@clcreative.de>
Date: Wed, 24 Jul 2024 16:39:19 +0200
Subject: [PATCH] cert-manager update

---
 .../certmanager-prod-2/helm/helm-values.yaml    |  5 +++++
 .../kubernetes/clusterissuer.yaml               | 17 +++++++++++++++++
 .../certmanager-prod-2/kubernetes/secret.yaml   |  8 ++++++++
 3 files changed, 30 insertions(+)
 create mode 100644 certmanager/certmanager-prod-2/helm/helm-values.yaml
 create mode 100644 certmanager/certmanager-prod-2/kubernetes/clusterissuer.yaml
 create mode 100644 certmanager/certmanager-prod-2/kubernetes/secret.yaml

diff --git a/certmanager/certmanager-prod-2/helm/helm-values.yaml b/certmanager/certmanager-prod-2/helm/helm-values.yaml
new file mode 100644
index 0000000..1fef0af
--- /dev/null
+++ b/certmanager/certmanager-prod-2/helm/helm-values.yaml
@@ -0,0 +1,5 @@
+crds: 
+  enabled: true
+extraArgs:
+  - --dns01-recursive-nameservers-only
+  - --dns01-recursive-nameservers=1.1.1.1:53,1.0.0.1:53
diff --git a/certmanager/certmanager-prod-2/kubernetes/clusterissuer.yaml b/certmanager/certmanager-prod-2/kubernetes/clusterissuer.yaml
new file mode 100644
index 0000000..2b1dea4
--- /dev/null
+++ b/certmanager/certmanager-prod-2/kubernetes/clusterissuer.yaml
@@ -0,0 +1,17 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: cloudflare-clusterissuer
+spec:
+  acme:
+    email: info@clcreative.de
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: cloudflare-clusterissuer-account-key
+    solvers:
+      - dns01:
+          cloudflare:
+            email: info@clcreative.de
+            apiTokenSecretRef:
+              name: cloudflare-api-token-secret
+              key: api-token
diff --git a/certmanager/certmanager-prod-2/kubernetes/secret.yaml b/certmanager/certmanager-prod-2/kubernetes/secret.yaml
new file mode 100644
index 0000000..7b618c9
--- /dev/null
+++ b/certmanager/certmanager-prod-2/kubernetes/secret.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: cloudflare-api-token-secret
+  namespace: cert-manager
+type: Opaque
+stringData:
+  api-token: # Cloudflare API Token