service-provider-template/group_vars/rnt_cad/k8s.yml

48 lines
1.3 KiB
YAML

---
#k8s_cluster_name: default
k8s_cluster_name: rnt-cad-cluster
k8s_cluster_url: rnt-cad-cluster-control.realitynetwork.store
k8s_taint_servers: true
k8s_acme_email: "{{ support_email }}"
k8s_disable:
- traefik
k8s_manifests:
# ingress controller, replaces traefik which is explicitly disabled
- name: ingress-nginx
type: url
source: https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.10.1/deploy/static/provider/cloud/deploy.yaml
# cert-manager, required for letsencrypt
- name: cert-manager
type: url
source: https://github.com/cert-manager/cert-manager/releases/download/v1.15.0/cert-manager.yaml
# issuer for basic http certs
- name: letsencrypt-prod
type: template
source: shared/clusterissuer-acme.yaml
server: https://acme-v02.api.letsencrypt.org/directory
solvers:
- type: http
ingress: nginx
# issuer for wildcard dns certs
- name: letsencrypt-prod-wild
type: template
source: shared/clusterissuer-acme.yaml
server: https://acme-v02.api.letsencrypt.org/directory
solvers:
- type: dns
provider: digitalocean
tokenref: tokenSecretRef
secret_name: digitalocean-dns
secret_key: access-token
# initiate wildcard cert
- name: pwa.realitynetwork.store
type: file
source: wildcard-pwa-realitynetwork.yaml