Aktualisiere Installationsanweisungen und entferne nicht benötigte TLS-Zertifikatdefinitionen für Gateways

05_base_apps_and_tools/installation_instructions.md

@@ -1,31 +1,31 @@
-# Basic requirements
-
-In diesem Schritt installieren wir
-- phase-secrets-operator
-- cert-manager
-- external-DNS mit Webhook Provider für Unifi
-
-## Phase-Secrets-Operator
+# Phase-Secrets-Operator
 
 helm repo add phase https://helm.phase.dev && helm repo update
 
 helm install phase-secrets-operator phase/phase-kubernetes-operator --set image.tag=v1.3.0
 
 kubectl create secret generic phase-service-token \
-  --from-literal=token=pss_service:v2:XXXXXXXXXXXXXXXXXXXXX \
+  --from-literal=token=<TOKEN> \
   --type=Opaque \
   --namespace=default
 
-## Cert-Manager und Cluster-Issuer
+# Cert-Manager installieren
+# 1. Repository hinzufügen und updaten
+helm repo add jetstack https://charts.jetstack.io && helm repo update
 
-kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.19.2/cert-manager.yaml
+# 2. Installation mit Gateway API Support
+helm install cert-manager jetstack/cert-manager \
+  --namespace cert-manager \
+  --create-namespace \
+  --set installCRDs=true \
+  --set "config.enableGatewayAPI=true"
 
-k apply -f manifests
+kubectl apply -f manifests
 
-## External-DNS
+# External DNS installieren
 
 helm repo add external-dns https://kubernetes-sigs.github.io/external-dns/
 
 kubectl create ns external-dns
 
-helm upgrade --install external-dns external-dns/external-dns --namespace external-dns --version 1.19.0 -f external-dns-values.yaml
+helm upgrade --install external-dns external-dns/external-dns --namespace external-dns --version 1.19.0 -f external-dns-values.yaml

06_argocd_installation/argo-prepare.yaml

@@ -38,17 +38,4 @@ spec:
           - kind: HTTPRoute
           - kind: GRPCRoute
         namespaces:
-          from: All
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: argocd-gateway-tls
-  namespace: argocd
-spec:
-  secretName: argocd-gateway-tls
-  dnsNames:
-  - argocd.k8s.hnrx.net
-  issuerRef:
-    name: cloudflare-cluster-issuer
-    kind: ClusterIssuer
+          from: All

07_bootstrap_argocd/shared-gateway.yaml

@@ -23,18 +23,4 @@ spec:
       tls:
         mode: Terminate
         certificateRefs:
-          - name: shared-gateway-tls
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: shared-gateway-tls
-  namespace: default
-spec:
-  secretName: shared-gateway-tls
-  dnsNames:
-  - '*.k8s.hnrx.net'
-  issuerRef:
-    name: cloudflare-cluster-issuer
-    kind: ClusterIssuer
+          - name: shared-gateway-tls