feat(kubernetes): add initial setup for ArgoCD, Cert-Manager, MetalLB, and Traefik

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>

roles/kubernetes_cert_manager/templates/clusterissuer.yml.j2

@@ -0,0 +1,18 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+spec:
+    # For staging: https://acme-staging-v02.api.letsencrypt.org/directory
+    # For production: https://acme-v02.api.letsencrypt.org/directory
+    server: "{% if cert_manager_issuer_env == 'production' %}https://acme-v02.api.letsencrypt.org/directory{% else %}https://acme-staging-v02.api.letsencrypt.org/directory{% endif %}"
+    email: "{{ cert_manager_email }}"
+    privateKeySecretRef:
+      name: "{{ cert_manager_issuer_name }}-account-key"
+
+    solvers:
+    - dns01:
+        webhook:
+            groupName: com.netcup.webhook
+            solverName: netcup
+            config:
+                secretRef: netcup-secret
+                secretNamespace: cert-manager

roles/kubernetes_cert_manager/templates/netcup.yml.j2

@@ -0,0 +1,11 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: netcup-secret
+type: Opaque
+data:
+  customer-number: {{ netcup_customer_id | b64encode }}
+  api-key: {{ netcup_api_key |b64encode }}
+  api-password: {{ netcup_api_password | b64encode }}
+