gitlab-com-seaweedfs/seaweedfs
1
0
Fork 0
mirror of https://github.com/seaweedfs/seaweedfs.git synced 2024-01-19 02:48:24 +00:00
Code Issues Projects Releases Wiki Activity

Helm use external certificates (#4913)

Browse source
This commit is contained in:
Yuval Yacoby 2023-10-15 19:14:24 +03:00 committed by GitHub
parent cbc24c7b24
commit c6991dfd5f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 12 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
k8s/charts/seaweedfs/templates/ca-cert.yaml
View file

@ -1,4 +1,4 @@
{{- if .Values.global.enableSecurity }}
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
kind: Certificate
metadata:

2
k8s/charts/seaweedfs/templates/cert-caissuer.yaml
View file

@ -1,4 +1,4 @@
{{- if .Values.global.enableSecurity }}
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
kind: Issuer
metadata:

2
k8s/charts/seaweedfs/templates/cert-clusterissuer.yaml
View file

@ -1,4 +1,4 @@
{{- if .Values.global.enableSecurity }}
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
kind: ClusterIssuer
metadata:

2
k8s/charts/seaweedfs/templates/client-cert.yaml
View file

@ -1,4 +1,4 @@
{{- if .Values.global.enableSecurity }}
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
kind: Certificate
metadata:

2
k8s/charts/seaweedfs/templates/filer-cert.yaml
View file

@ -1,4 +1,4 @@
{{- if .Values.global.enableSecurity }}
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
kind: Certificate
metadata:

2
k8s/charts/seaweedfs/templates/master-cert.yaml
View file

@ -1,4 +1,4 @@
{{- if .Values.global.enableSecurity }}
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
kind: Certificate
metadata:

2
k8s/charts/seaweedfs/templates/volume-cert.yaml
View file

@ -1,4 +1,4 @@
{{- if .Values.global.enableSecurity }}
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
kind: Certificate
metadata:

5
k8s/charts/seaweedfs/values.yaml
View file

@ -640,3 +640,8 @@ certificates:
keySize: 2048
duration: 2160h # 90d
renewBefore: 360h # 15d
externalCertificates:
# This will avoid the need to use cert-manager and will rely on providing your own external certificates and CA
# you will need to store your provided certificates in the secret read by the different services:
# seaweedfs-master-cert, seaweedfs-filer-cert, etc. Can see any statefulset definition to see secret names
enabled: false