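---
# Kubernetes cluster variables: cluster identity, bundled components to
# disable, secrets to create, and manifests to apply after install.
#
# NOTE(review): the nesting below was restored from a listing that had lost
# its indentation and had blame timestamps between lines; confirm the solver
# fields against what shared/clusterissuer-acme.yaml expects.

# The "default" context is what stack orchestrator deployments use; a custom
# context name can be useful for testing.
# k8s_cluster_name: rnt-cad-cluster
k8s_cluster_name: default
k8s_cluster_url: rnt-cad-cluster-control.realitynetwork.store
# NOTE(review): presumably taints the server (control-plane) nodes so that
# ordinary workloads are not scheduled next to the API server - confirm
# against the consuming role.
k8s_taint_servers: true
# Quoted so an empty or boolean-looking expansion still renders as a string.
k8s_acme_email: "{{ support_email }}"

# k3s bundles traefik as the default ingress controller; it is disabled here
# and ingress-nginx is installed instead (see k8s_manifests).
k8s_disable:
  - traefik

# Secrets can come from a file or from a template. Template secrets are
# base64-encoded dynamically; file-based secrets must be encoded by hand.
#
# base64 is an encoding, not encryption: anyone who can read the source file
# can recover the value. Keep file-based secrets out of version control or
# encrypt them at rest, and give the DNS token only the access it needs.
k8s_secrets:
  - name: digitalocean-dns
    type: file
    source: secret-digitalocean-dns.yaml

# Manifests of type "url" are fetched at deploy time. The versions are pinned
# by tag in the URL, but nothing on this page verifies the downloaded content.
# Both manifests install cluster-wide RBAC and admission webhooks, so a changed
# upstream file would run with broad privileges. Consider vendoring reviewed
# copies or checking a recorded checksum before applying.
k8s_manifests:
  # Ingress controller; replaces traefik, which is explicitly disabled above.
  - name: ingress-nginx
    type: url
    source: https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.10.1/deploy/static/provider/cloud/deploy.yaml

  # cert-manager, required for Let's Encrypt certificates.
  - name: cert-manager
    type: url
    source: https://github.com/cert-manager/cert-manager/releases/download/v1.15.1/cert-manager.yaml

  # Issuer for ordinary certificates, validated over HTTP-01 through nginx.
  - name: letsencrypt-prod
    type: template
    source: shared/clusterissuer-acme.yaml
    server: https://acme-v02.api.letsencrypt.org/directory
    solvers:
      - type: http
        ingress: nginx

  # Issuer for wildcard certificates, validated over DNS-01.
  # The token in digitalocean-dns/access-token can create DNS records, so
  # whoever holds it can obtain certificates for any name in the zone. Treat
  # it as a high-value credential: restrict who can read the Secret and
  # rotate it if exposure is suspected.
  - name: letsencrypt-prod-wild
    type: template
    source: shared/clusterissuer-acme.yaml
    server: https://acme-v02.api.letsencrypt.org/directory
    solvers:
      - type: dns
        provider: digitalocean
        tokenref: tokenSecretRef
        secret_name: digitalocean-dns
        secret_key: access-token

  # Request the wildcard certificate.
  - name: pwa.realitynetwork.store
    type: file
    source: wildcard-pwa-realitynetwork.yaml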