From 13b50ea3d1f81dd4d662fbb895c6c496978bdf5b Mon Sep 17 00:00:00 2001 From: infinicaretech Date: Fri, 3 Apr 2026 12:26:35 +0000 Subject: [PATCH] Add Let's Encrypt production issuer and ArgoCD ingress for argocd.infinicaretech.com - Add letsencrypt-prod ClusterIssuer with HTTP-01 solver - Add ArgoCD ingress with TLS, HTTPS backend protocol, ssl-redirect - Replace nip.io hosts with argocd.infinicaretech.com --- infrastructure/argocd/ingress.yaml | 27 +++++++++++++++++++ .../cert-manager/cluster-issuer.yaml | 15 +++++++++++ 2 files changed, 42 insertions(+) create mode 100644 infrastructure/argocd/ingress.yaml diff --git a/infrastructure/argocd/ingress.yaml b/infrastructure/argocd/ingress.yaml new file mode 100644 index 0000000..1d76670 --- /dev/null +++ b/infrastructure/argocd/ingress.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: argocd-server + namespace: argocd + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" +spec: + ingressClassName: nginx + tls: + - hosts: + - argocd.infinicaretech.com + secretName: argocd-server-tls + rules: + - host: argocd.infinicaretech.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: argocd-server + port: + number: 443 diff --git a/infrastructure/cert-manager/cluster-issuer.yaml b/infrastructure/cert-manager/cluster-issuer.yaml index 9a477a8..3239f3b 100644 --- a/infrastructure/cert-manager/cluster-issuer.yaml +++ b/infrastructure/cert-manager/cluster-issuer.yaml @@ -29,3 +29,18 @@ metadata: spec: ca: secretName: infinicaretech-ca-secret +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-prod +spec: + acme: + server: https://acme-v02.api.letsencrypt.org/directory + email: info@infinicaretech.com + privateKeySecretRef: + name: letsencrypt-prod-key + solvers: + - http01: + ingress: + class: nginx