44 lines
1.3 KiB
YAML
44 lines
1.3 KiB
YAML
apiVersion: cert-manager.io/v1
|
|
kind: Issuer
|
|
metadata:
|
|
name: {{ include "nifi.fullname" . }}
|
|
labels:
|
|
{{- include "nifi.labels" . | nindent 4 }}
|
|
spec:
|
|
selfSigned: {}
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: {{ include "nifi.fullname" . }}
|
|
labels:
|
|
{{- include "nifi.labels" . | nindent 4 }}
|
|
spec:
|
|
secretName: {{ include "nifi.fullname" . }}-tls
|
|
commonName: {{ include "nifi.fullname" . }}.{{ .Release.Namespace }}
|
|
dnsNames:
|
|
- {{ .Values.ingress.hostName }}
|
|
- {{ include "nifi.siteToSiteHostName" . }}
|
|
- {{ include "nifi.fullname" . }}-http.{{ .Release.Namespace }}
|
|
{{- include "nifi.hostNodeList" . | nindent 4 }}
|
|
{{- include "nifi.ingressNodeList" . | nindent 4 }}
|
|
usages:
|
|
- server auth
|
|
- client auth
|
|
{{- with .Values.global.tls.certificate }}
|
|
duration: {{ .duration }}
|
|
renewBefore: {{ .renewBefore }}
|
|
keystores:
|
|
pkcs12:
|
|
create: true
|
|
passwordSecretRef:
|
|
{{- if .keystorePasswordSecretRef.name }}
|
|
{{- toYaml .keystorePasswordSecretRef | nindent 8 }}
|
|
{{- else }}
|
|
name: {{ printf "%s-keystore-password" (include "nifi.fullname" $) | quote }}
|
|
key: {{ default "password" .keystorePasswordSecretRef.key | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
issuerRef:
|
|
name: {{ include "nifi.fullname" . }}
|
|
kind: Issuer |