mirror of
https://github.com/zoriya/snow.git
synced 2025-12-05 23:06:23 +00:00
31 lines
707 B
YAML
31 lines
707 B
YAML
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: postgres-ca
|
|
# cert needs to be on the cluster's default resource ns aka cert-manager by default
|
|
namespace: cert-manager
|
|
spec:
|
|
isCA: true
|
|
commonName: postgres-ca
|
|
secretName: postgres-ca
|
|
secretTemplate:
|
|
labels:
|
|
cnpg.io/reload: ""
|
|
duration: 87660h # 10 years, this is needed until https://github.com/cert-manager/cert-manager/issues/2478
|
|
privateKey:
|
|
algorithm: ECDSA
|
|
size: 256
|
|
issuerRef:
|
|
name: selfsigned
|
|
kind: ClusterIssuer
|
|
group: cert-manager.io
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: postgres-ca
|
|
namespace: postgres
|
|
spec:
|
|
ca:
|
|
secretName: postgres-ca
|