cert-manager Webhook for sthome private DNS
cert-manager Webhook for sthome private DNS is an ACME webhook for cert-manager that lets sthome users solve DNS01 challenges against their local DNS.
Getting started
Prerequisites
- A Kubernetes cluster (v1.19+ recommended)
- Helm 3 installed on your computer
- cert-manager deployed on the cluster
Installing
- Clone this repository:
git clone https://github.com/stuurmcp/cert-manager-webhook-sthome.git
- Run:
helm install sthome-webhook deploy/sthome-webhook
How to use it
Note: It uses the cert-manager webhook system. Once the issuer is configured, everything else is plain cert-manager. You can find out more in their documentation.
Now that the webhook is installed, here is how to use it.
Let's say you need a certificate for radarr.sthome.net (should be registered in sthome DNS).
Create a cert-manager Issuer. Create an issuer.yaml file with the following content:
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: sthome-issuer
spec:
  acme:
    email: my-user@gmail.com
    # acme URL
    server: https://upd.sthome.lan/acme-v02.api
    # Secret that stores the ACME account private key (required for ACME issuers)
    privateKeySecretRef:
      name: sthome-private-key-secret
    solvers:
    - dns01:
        webhook:
          groupName: acme.sthome.net
          solverName: sthome
Run:
kubectl create -f issuer.yaml
Create the Certificate object for radarr.sthome.net. Create a certificate.yaml file with the following content:
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: radarr-sthome-net
spec:
  dnsNames:
  - radarr.sthome.net
  issuerRef:
    name: sthome-issuer
  secretName: radarr-sthome-net-tls
Run:
kubectl create -f certificate.yaml
The certificate should be ready after a few seconds:
$ kubectl get certificate radarr-sthome-net
NAME                READY   SECRET                  AGE
radarr-sthome-net   True    radarr-sthome-net-tls   2m21s
The certificate is now available in the radarr-sthome-net-tls secret.
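While the challenge is pending, the TXT record that must appear in the sthome DNS can be derived by hand, which helps when a Certificate stays not ready. The following is an added example, not code from this repository's main.go: it follows RFC 8555 for the record name and value, and the function names, the zone name sthome.net and the key authorization string are assumptions made for illustration.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

// challengeFQDN returns the name the DNS01 TXT record must be published under.
// A wildcard name is validated at its base domain, so "*." is stripped.
func challengeFQDN(dnsName string) string {
	name := strings.TrimPrefix(strings.ToLower(dnsName), "*.")
	return "_acme-challenge." + strings.TrimSuffix(name, ".") + "."
}

// txtValue is the record content: unpadded base64url of SHA-256(key authorization).
func txtValue(keyAuthorization string) string {
	sum := sha256.Sum256([]byte(keyAuthorization))
	return base64.RawURLEncoding.EncodeToString(sum[:])
}

// relativeRecord returns the record name inside zone and refuses names outside
// it, so a solver never writes into a zone it is not responsible for.
func relativeRecord(fqdn, zone string) (string, error) {
	zone = strings.TrimSuffix(zone, ".") + "."
	// Match on a label boundary: "notsthome.net." must not pass for "sthome.net.".
	if !strings.HasSuffix(fqdn, "."+zone) {
		return "", fmt.Errorf("%q is not inside zone %q", fqdn, zone)
	}
	return strings.TrimSuffix(fqdn, "."+zone), nil
}

func main() {
	fqdn := challengeFQDN("radarr.sthome.net")
	rec, err := relativeRecord(fqdn, "sthome.net") // zone name is an assumption
	if err != nil {
		panic(err)
	}
	// Constructed key authorization ("token.thumbprint"), not a real challenge.
	fmt.Println(fqdn, rec, txtValue("constructed-token.constructed-thumbprint"))
}
```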
Integration testing
Before running the test, you need:
- A valid domain on sthome DNS (here radarr.sthome.net)
- The variables STH_ACCESS_KEY and STH_SECRET_KEY valid and in the environment
In order to run the integration tests, run:
TEST_ZONE_NAME=radarr.sthome.net make test