REFACTOR(cert-manager): move from platform repo

- Add cert-manager Application and helm values - Add ClusterIssuer manifests - Update kustomization references
2026-01-10 19:57:58 +09:00
parent d29651af7a
commit 96c3c92069
5 changed files with 160 additions and 0 deletions
--- a/cert-manager/manifests/cluster-issuer.yaml
+++ b/cert-manager/manifests/cluster-issuer.yaml
@@ -0,0 +1,41 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-prod
+spec:
+  acme:
+    # Let's Encrypt Production 서버
+    # 실제 운영 환경에서 사용
+    # Rate limit: 50 certificates per registered domain per week
+    server: https://acme-v02.api.letsencrypt.org/directory
+
+    # 인증서 만료 알림을 받을 이메일 주소
+    email: bluemayne0213@icloud.com
+
+    # ACME 계정의 private key를 저장할 Secret 이름
+    privateKeySecretRef:
+      name: letsencrypt-prod
+
+    # HTTP-01 challenge를 사용하여 도메인 소유권 검증
+    # Traefik Ingress를 통해 /.well-known/acme-challenge/ 경로로 검증
+    solvers:
+    - http01:
+        ingress:
+          class: traefik
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-staging
+spec:
+  acme:
+    # Let's Encrypt Staging 서버
+    # 테스트용 - 브라우저에서 신뢰하지 않지만 rate limit 없음
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
+    email: bluemayne0213@icloud.com
+    privateKeySecretRef:
+      name: letsencrypt-staging
+    solvers:
+    - http01:
+        ingress:
+          class: traefik