70 lines
1.7 KiB
YAML
70 lines
1.7 KiB
YAML
---
|
|
- name: Ensure cert-manager namespace exists
|
|
kubernetes.core.k8s:
|
|
name: cert-manager
|
|
api_version: v1
|
|
kind: Namespace
|
|
state: present
|
|
tags:
|
|
- cert_manager
|
|
- namespace
|
|
|
|
- name: Create netcup-secret
|
|
kubernetes.core.k8s:
|
|
namespace: cert-manager
|
|
definition: "{{ lookup('ansible.builtin.template', 'netcup.yml.j2') | from_yaml }}"
|
|
|
|
- name: Add a repository
|
|
kubernetes.core.helm_repository:
|
|
name: cert-manager-webhook-netcup
|
|
repo_url: https://aellwein.github.io/cert-manager-webhook-netcup/charts/
|
|
|
|
- name: Install NetCup Webhook
|
|
kubernetes.core.helm:
|
|
name: my-cert-manager-webhook-netcup
|
|
chart_ref: cert-manager-webhook-netcup/cert-manager-webhook-netcup
|
|
release_namespace: cert-manager
|
|
create_namespace: true
|
|
|
|
- name: Download cert-manager manifest
|
|
ansible.builtin.get_url:
|
|
url: "{{ cert_manager_manifest }}"
|
|
dest: "/tmp/cert-manager.yaml"
|
|
mode: "0644"
|
|
validate_certs: true
|
|
tags:
|
|
- cert_manager
|
|
- download
|
|
|
|
- name: Apply cert-manager core manifests
|
|
kubernetes.core.k8s:
|
|
src: "/tmp/cert-manager.yaml"
|
|
state: present
|
|
tags:
|
|
- cert_manager
|
|
- apply_manifest
|
|
|
|
- name: Wait for cert-manager deployments to be ready
|
|
kubernetes.core.k8s_info:
|
|
api_version: apps/v1
|
|
kind: Deployment
|
|
namespace: cert-manager
|
|
name: "{{ item }}"
|
|
wait: true
|
|
wait_timeout: 300
|
|
loop:
|
|
- cert-manager
|
|
- cert-manager-cainjector
|
|
- cert-manager-webhook
|
|
tags:
|
|
- cert_manager
|
|
- wait_ready
|
|
|
|
- name: Create Let's Encrypt ClusterIssuer
|
|
kubernetes.core.k8s:
|
|
state: present
|
|
definition: "{{ lookup('ansible.builtin.template', 'clusterissuer.yml.j2') | from_yaml }}"
|
|
tags:
|
|
- cert_manager
|
|
- cluster_issuer
|