Closed 2color closed 7 years ago
I'm going to close this for now, as #114 has been merged.
If there's a need in future arbitrary annotations to be added to ingresses, we can revisit this. But given the extra complexity this may bring, I'm hesitant to force a particular implementation now before we know the use cases.
Adding custom annotations to the kube-lego generated ingresses
Problem
In my global nginx-ingress-controller configuration I set the whitelist-source-range to allow traffic only from specific IPs. This means that the kube-lego generated ingress (see below) for the ACME challenge cannot be accessed by let's encrypt.
Suggestion
Add a configuration option to kube-lego to allow defining a custom annotation (ingress.kubernetes.io/whitelist-source-range) for the challenge ingress.