deploy/sthome-webhook Image pushed to docker hub 2024-03-21 21:14:46 +02:00
sthome Image pushed to docker hub 2024-03-21 21:14:46 +02:00
testdata/sthome-solver Image pushed to docker hub 2024-03-21 21:14:46 +02:00
.gitignore More updates 2024-03-21 15:24:19 +02:00
Dockerfile Image pushed to docker hub 2024-03-21 21:14:46 +02:00
go.mod Updated 2024-03-21 14:26:03 +02:00
go.sum Updated 2024-03-21 14:26:03 +02:00
main_test.go Failing on KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT must be defined 2024-03-21 19:10:12 +02:00
main.go Failing on KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT must be defined 2024-03-21 19:10:12 +02:00
Makefile Copied sample files 2024-03-20 18:32:00 +02:00
README.md Updated README 2024-03-20 12:12:44 +02:00

cert-manager Webhook for sthome private DNS

cert-manager Webhook for sthome private DNS is an ACME webhook for cert-manager that allows sthome users to use local DNS for the DNS01 challenge.

Getting started

Prerequisites

Installing

  • Clone this repository:
git clone https://github.com/stuurmcp/cert-manager-webhook-sthome.git
  • Run:
helm install sthome-webhook deploy/sthome-webhook

How to use it

Note: It uses the cert-manager webhook system. Everything after the issuer is configured is just cert-manager. You can find out more in their documentation.

Now that the webhook is installed, here is how to use it. Let's say you need a certificate for radarr.sthome.net (which should be registered in sthome DNS).

Create a cert-manager Issuer. Create an issuer.yaml file with the following content:

apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: sthome-issuer
spec:
  acme:
    email: my-user@gmail.com
    # ACME directory URL
    server: https://upd.sthome.lan/acme-v02.api
    # Secret that stores the ACME account private key (required by cert-manager)
    privateKeySecretRef:
      name: sthome-private-key-secret
    solvers:
    - dns01:
        webhook:
          groupName: acme.sthome.net
          solverName: sthome

Run:

kubectl create -f issuer.yaml

Create the Certificate object for radarr.sthome.net. Create a certificate.yaml file with the following content:

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: radarr-sthome-net
spec:
  dnsNames:
  - radarr.sthome.net
  issuerRef:
    name: sthome-issuer
  secretName: radarr-sthome-net-tls

Run:

kubectl create -f certificate.yaml

The certificate should be ready after a few seconds:

$ kubectl get certificate radarr-sthome-net
NAME                READY   SECRET                  AGE
radarr-sthome-net   True    radarr-sthome-net-tls   2m21s

The certificate is now available in the radarr-sthome-net-tls secret.
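
A READY status does not by itself show which CA signed the certificate or which names it covers. The following is an added example, not code from this repository: a Go check that a secret's tls.crt chains to the private ACME CA root, covers the requested DNS name and is within its validity period. The names verifyTLSCrt and sampleCert are hypothetical, and the self-signed certificate is constructed in-process to stand in for both the issued certificate and the CA root.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// verifyTLSCrt treats the first PEM block of tlsCrt as the leaf and the rest as
// intermediates; the leaf must chain to caPEM, cover dnsName and be valid at now.
func verifyTLSCrt(tlsCrt, caPEM []byte, dnsName string, now time.Time) error {
	block, rest := pem.Decode(tlsCrt)
	if block == nil || block.Type != "CERTIFICATE" {
		return fmt.Errorf("tls.crt: no PEM CERTIFICATE block")
	}
	leaf, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return fmt.Errorf("tls.crt: %w", err)
	}
	roots, inter := x509.NewCertPool(), x509.NewCertPool()
	if !roots.AppendCertsFromPEM(caPEM) {
		return fmt.Errorf("CA bundle: no certificate found")
	}
	inter.AppendCertsFromPEM(rest)
	_, err = leaf.Verify(x509.VerifyOptions{
		DNSName: dnsName, Roots: roots, Intermediates: inter, CurrentTime: now})
	return err
}

// sampleCert builds a constructed self-signed certificate, valid for 90 days.
func sampleCert(dnsName string, notBefore time.Time) []byte {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{dnsName},
		NotBefore: notBefore, NotAfter: notBefore.Add(90 * 24 * time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	t0 := time.Date(2024, 3, 21, 0, 0, 0, 0, time.UTC) // constructed issue time
	crt := sampleCert("radarr.sthome.net", t0)
	fmt.Println(verifyTLSCrt(crt, crt, "radarr.sthome.net", t0.Add(time.Hour)))
	fmt.Println(verifyTLSCrt(crt, crt, "sonarr.sthome.net", t0.Add(time.Hour)))
}
```

In real use, pass the base64-decoded tls.crt value from the radarr-sthome-net-tls secret and the root certificate of your ACME server's CA instead of the constructed sample.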

Integration testing

Before running the test, you need:

  • A valid domain on sthome DNS (here radarr.sthome.net)
  • The variables STH_ACCESS_KEY and STH_SECRET_KEY set to valid values in the environment

In order to run the integration tests, run:

TEST_ZONE_NAME=radarr.sthome.net make test