zogot / homelab

Homelab setup with proxmox, terraform, kubernetes and manifest files

Cert-Manager and Cloudflare DNS Resolver #6

Open zogot opened 3 months ago

zogot commented 3 months ago

Reference: https://cert-manager.io/docs/installation/helm/

zogot commented 3 months ago

Look into external-dns and its use with Cloudflare and Pi-hole. Configure in a way that I can mark an ingress as 'public' and only then it adds to Cloudflare with the External IP.

zogot commented 3 months ago

Trying to use 1Password service accounts to have the Cloudflare API key provided via 1Password, but unfortunately external-dns doesn't supply a 'cmd' argument in the deployments, and according to the documentation of the 1Password Secrets Injector:

> To inject secrets, the Pod you're looking to inject into must have a command value defined in its Deployment or Pod spec. The 1Password Secrets Injector works by mutating this value on initialization, and as such a command is needed to be mutated. If the deployments you're using aren't designed to have command specified in the deployment, then the 1Password Kubernetes Operator may be a better fit for your use case.

So, shame, have to create manual secrets with the values taken from 1Password.
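A pre-check for the constraint quoted in the comment above, as an added example that is not part of the original issue or the repository: it scans Deployment JSON (the shape of `kubectl get deployment -o json`) for containers with no `command`, which the Secrets Injector has nothing to mutate. The sample manifest, the `op://homelab/cloudflare/token` reference and the function name are constructed for illustration.

```python
import json

# Constructed sample: trimmed shape of `kubectl get deployment -o json` output.
SAMPLE = json.loads("""
{
  "kind": "List",
  "items": [
    {"kind": "Deployment",
     "metadata": {"name": "external-dns", "namespace": "external-dns"},
     "spec": {"template": {"spec": {"containers": [
       {"name": "external-dns",
        "args": ["--source=ingress", "--provider=cloudflare"],
        "env": [{"name": "CF_API_TOKEN", "value": "op://homelab/cloudflare/token"}]}
     ]}}}},
    {"kind": "Deployment",
     "metadata": {"name": "demo-app", "namespace": "default"},
     "spec": {"template": {"spec": {"containers": [
       {"name": "app", "command": ["/bin/app"], "args": ["--port=8080"]}
     ]}}}}
  ]
}
""")


def containers_without_command(doc):
    """Return (namespace, workload, container, has_op_refs) for each container lacking `command`."""
    items = doc["items"] if doc.get("kind") == "List" else [doc]
    findings = []
    for item in items:
        meta = item.get("metadata", {})
        pod_spec = item.get("spec", {}).get("template", {}).get("spec", {})
        for c in pod_spec.get("initContainers", []) + pod_spec.get("containers", []):
            if c.get("command"):
                continue  # a command is present, so the injector has something to mutate
            # op:// is the 1Password secret reference prefix; left as-is it reaches the app as a literal string
            op_refs = any(str(e.get("value", "")).startswith("op://") for e in c.get("env", []))
            findings.append((meta.get("namespace", "default"), meta.get("name"), c["name"], op_refs))
    return findings


if __name__ == "__main__":
    for ns, name, container, op_refs in containers_without_command(SAMPLE):
        note = "op:// references would stay unresolved" if op_refs else "no op:// references"
        print(f"{ns}/{name} container={container}: no command set; {note}")
```

Workloads it reports need either an explicit `command` added to the pod spec or a regular Kubernetes Secret, as the comment concludes.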