organize folders and MVP wireguard mesh

certmanager/certsigner.yaml

@@ -0,0 +1,39 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: certsigner
+  namespace: kube-system
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: certsigner
+  template:
+    metadata:
+      labels:
+        app: certsigner
+    spec:
+      containers:
+      - name: certsigner
+        image: python:latest
+        command: ["cat"]
+        tty: true
+        resources:
+          requests:
+            memory: 1Mi
+            cpu: 1m
+          limits:
+            memory: 100Mi
+            cpu: 100m
+        volumeMounts:
+          - mountPath: /keys
+            name: keys
+          - mountPath: /certs
+            name: certs
+      volumes:
+        - name: keys
+          secret:
+            secretName: certsigner
+        - name: certs
+          emptyDir: {}
+      restartPolicy: Always

certmanager/letsencrypt-issuer.yaml

@@ -0,0 +1,18 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt
+spec:
+  acme:
+    # The ACME server URL
+    server: https://acme-v02.api.letsencrypt.org/directory
+    # Email address used for ACME registration
+    email: nginx@ducoterra.net
+    # Name of a secret used to store the ACME account private key
+    privateKeySecretRef:
+      name: letsencrypt
+    # Enable the HTTP-01 challenge provider
+    solvers:
+    - http01:
+        ingress:
+          class: nginx