From 46cbe85a4d459c31accf863099f45baeda959280 Mon Sep 17 00:00:00 2001 From: Chris Date: Fri, 22 Mar 2024 11:59:02 +0200 Subject: [PATCH] Updated README and changed name from sthome-solver to sthome --- README.md | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++---- main.go | 2 +- 2 files changed, 66 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 9255555..2a63631 100644 --- a/README.md +++ b/README.md @@ -23,12 +23,15 @@ helm install sthome-webhook deploy/sthome-webhook ### How to use it -**Note**: It uses the [cert-manager webhook system](https://cert-manager.io/docs/configuration/acme/dns01/webhook/). Everything after the issuer is configured is just cert-manager. You can find out more [their documentation](https://cert-manager.io/docs/usage/). +**Note**: It uses the [cert-manager webhook system](https://cert-manager.io/docs/configuration/acme/dns01/webhook/). Everything after the issuer is configured is just cert-manager. You can find out more from [their documentation](https://cert-manager.io/docs/usage/). Now that the webhook is installed, here is how to use it. + +But first, Issuers and ClusterIssuers are Kubernetes resources that represent certificate authorities (CAs) capable of generating signed certificates. An Issuer is limited to a single namespace while a ClusterIssuer can issue certificates for a whole cluster. + Let's say you need a certificate for `radarr.sthome.net` (should be registered in sthome DNS). -Create a cert-manager `Issuer`. Create a `issuer.yaml` file with the following content: +Create a cert-manager `Issuer`. Create a `sthome-issuer.yaml` file with the following content: ```yaml apiVersion: cert-manager.io/v1 kind: Issuer @@ -36,7 +39,7 @@ metadata: name: sthome-issuer spec: acme: - email: my-user@gmail.com + email: my-user@sthome.net # acme URL server: https://upd.sthome.lan/acme-v02.api #privateKeySecretRef: @@ -50,7 +53,65 @@ spec: Run: ```bash -kubectl create -f issuer.yaml +kubectl create -f sthome-issuer.yaml +``` + +Check the status of the Issuer. +``` +kubectl describe issuer sthome-issuer +``` + +Should you need to delete the Issuer, run the following command: +``` +kubectl delete issuer sthome-issuer +``` + +Alternatively, to create a `ClusterIssuer `, create a `sthome-clusterissuer.yaml` file with the following content: + +```yaml +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: sthome-clusterissuer +spec: + acme: + # Your ACME server URL. + server: https://upd.sthome.lan/acme-v02.api + + # Replace this email address with your own, however currently not used + email: my-user@sthome.net + + # Name of a secret used to store the ACME account private key + #privateKeySecretRef: + # name: sthome-acme + + solvers: + - dns01: + webhook: + groupName: acme.sthome.net + solverName: sthome + #config: + # usernameSecretKeyRef: + # name: sthome-credentials + # key: username + # passwordSecretKeyRef: + # name: sthome-credentials + # key: password +``` + +To deploy the Cluster Issuer configuration file, run the following command: +``` +kubectl apply -f configuration/sthome-clusterissuer.yaml +``` + +Check the status of the Cluster Issuer. +``` +kubectl describe clusterissuer sthome-clusterissuer +``` + +Should you need to delete the Cluster Issuer, run the following command: +``` +kubectl delete clusterissuer sthome-clusterissuer ``` Create the `Certificate` object for `radarr.sthome.net`. Create a `certificate.yaml` file with the following content: diff --git a/main.go b/main.go index cd3537e..0622881 100644 --- a/main.go +++ b/main.go @@ -14,7 +14,7 @@ import ( ) const ( - providerName = "sthome-solver" + providerName = "sthome" ) var GroupName = os.Getenv("GROUP_NAME")