| 123456789101112131415161718192021222324252627282930313233 |
- {{- if .Values.global.enableSecurity }}
- apiVersion: certmanager.k8s.io/v1alpha1
- kind: Certificate
- metadata:
- name: {{ template "seaweedfs.name" . }}-client-cert
- namespace: {{ .Release.Namespace }}
- spec:
- secretName: {{ template "seaweedfs.name" . }}-client-cert
- issuerRef:
- name: {{ template "seaweedfs.name" . }}-clusterissuer
- kind: ClusterIssuer
- commonName: {{ .Values.certificates.commonName }}
- organization:
- - "SeaweedFS CA"
- dnsNames:
- - '*.{{ .Release.Namespace }}'
- - '*.{{ .Release.Namespace }}.svc'
- - '*.{{ .Release.Namespace }}.svc.cluster.local'
- - '*.{{ template "seaweedfs.name" . }}-master'
- - '*.{{ template "seaweedfs.name" . }}-master.{{ .Release.Namespace }}'
- - '*.{{ template "seaweedfs.name" . }}-master.{{ .Release.Namespace }}.svc'
- - '*.{{ template "seaweedfs.name" . }}-master.{{ .Release.Namespace }}.svc.cluster.local'
- {{- if .Values.certificates.ipAddresses }}
- ipAddresses:
- {{- range .Values.certificates.ipAddresses }}
- - {{ . }}
- {{- end }}
- {{- end }}
- keyAlgorithm: {{ .Values.certificates.keyAlgorithm }}
- keySize: {{ .Values.certificates.keySize }}
- duration: {{ .Values.certificates.duration }}
- renewBefore: {{ .Values.certificates.renewBefore }}
- {{- end }}
|
