From 4000c780e1c2af5ce7c8219f65c07560ad94e3a3 Mon Sep 17 00:00:00 2001
From: Matthias Hinrichs
Date: Thu, 15 Jan 2026 11:31:19 +0100
Subject: [PATCH] =?UTF-8?q?Aktualisiere=20Installationsanweisungen=20und?= =?UTF-8?q?=20entferne=20nicht=20ben=C3=B6tigte=20TLS-Zertifikatdefinition?= =?UTF-8?q?en=20f=C3=BCr=20Gateways?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../installation_instructions.md | 28 +++++++++----------
06_argocd_installation/argo-prepare.yaml | 15 +---------
07_bootstrap_argocd/shared-gateway.yaml | 16 +----------
3 files changed, 16 insertions(+), 43 deletions(-)
diff --git a/05_base_apps_and_tools/installation_instructions.md b/05_base_apps_and_tools/installation_instructions.md
index f4855cf..8820bec 100644
--- a/05_base_apps_and_tools/installation_instructions.md
+++ b/05_base_apps_and_tools/installation_instructions.md
@@ -1,31 +1,31 @@ -# Basic requirements - -In diesem Schritt installieren wir -- phase-secrets-operator -- cert-manager -- external-DNS mit Webhook Provider für Unifi - -## Phase-Secrets-Operator +# Phase-Secrets-Operator helm repo add phase https://helm.phase.dev && helm repo update helm install phase-secrets-operator phase/phase-kubernetes-operator --set image.tag=v1.3.0 kubectl create secret generic phase-service-token \ - --from-literal=token=pss_service:v2:XXXXXXXXXXXXXXXXXXXXX \ + --from-literal=token= \ --type=Opaque \ --namespace=default -## Cert-Manager und Cluster-Issuer +# Cert-Manager installieren +# 1. Repository hinzufügen und updaten +helm repo add jetstack https://charts.jetstack.io && helm repo update -kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.19.2/cert-manager.yaml +# 2. Installation mit Gateway API Support +helm install cert-manager jetstack/cert-manager \ + --namespace cert-manager \ + --create-namespace \ + --set installCRDs=true \ + --set "config.enableGatewayAPI=true" -k apply -f manifests +kubectl apply -f manifests -## External-DNS +# External DNS installieren helm repo add external-dns https://kubernetes-sigs.github.io/external-dns/ kubectl create ns external-dns -helm upgrade --install external-dns external-dns/external-dns --namespace external-dns --version 1.19.0 -f external-dns-values.yaml \ No newline at end of file +helm upgrade --install external-dns external-dns/external-dns --namespace external-dns --version 1.19.0 -f external-dns-values.yaml diff --git a/06_argocd_installation/argo-prepare.yaml b/06_argocd_installation/argo-prepare.yaml index 87fbbfe..6b53dfa 100644 --- a/06_argocd_installation/argo-prepare.yaml +++ b/06_argocd_installation/argo-prepare.yaml 
@@ -38,17 +38,4 @@ spec: - kind: HTTPRoute - kind: GRPCRoute namespaces: - from: All ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: argocd-gateway-tls - namespace: argocd -spec: - secretName: argocd-gateway-tls - dnsNames: - - argocd.k8s.hnrx.net - issuerRef: - name: cloudflare-cluster-issuer - kind: ClusterIssuer + from: All \ No newline at end of file diff --git a/07_bootstrap_argocd/shared-gateway.yaml b/07_bootstrap_argocd/shared-gateway.yaml index 8ebca07..a73800a 100644 --- a/07_bootstrap_argocd/shared-gateway.yaml +++ b/07_bootstrap_argocd/shared-gateway.yaml @@ -23,18 +23,4 @@ spec: tls: mode: Terminate certificateRefs: - - name: shared-gateway-tls - ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: shared-gateway-tls - namespace: default -spec: - secretName: shared-gateway-tls - dnsNames: - - '*.k8s.hnrx.net' - issuerRef: - name: cloudflare-cluster-issuer - kind: ClusterIssuer \ No newline at end of file + - name: shared-gateway-tls \ No newline at end of file
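Review bot: In `07_bootstrap_argocd/shared-gateway.yaml` the listener still lists `- name: shared-gateway-tls` under `certificateRefs`, but this hunk deletes the only visible `Certificate` that wrote that Secret, so the TLS-terminating listener now depends on something else creating it. The install notes in this commit set `config.enableGatewayAPI=true`, so presumably cert-manager is meant to issue the certificate from the Gateway itself. That only happens if the Gateway carries an issuer annotation such as `cert-manager.io/cluster-issuer: cloudflare-cluster-issuer` and the listener sets `hostname: '*.k8s.hnrx.net'`; neither is visible here because the Gateway spec starts outside the hunk. The same question applies to the `argocd-gateway-tls` Certificate removed from `06_argocd_installation/argo-prepare.yaml`. I would add a comment above `certificateRefs`, e.g. `# Secret is issued by cert-manager from the Gateway annotation; no separate Certificate manifest`, and confirm after rollout with `kubectl get certificate -A` that both Secrets are still being issued and renewed.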