Add Let's Encrypt production issuer and ArgoCD ingress for argocd.infinicaretech.com

- Add letsencrypt-prod ClusterIssuer with HTTP-01 solver
- Add ArgoCD ingress with TLS, HTTPS backend protocol, ssl-redirect
- Replace nip.io hosts with argocd.infinicaretech.com

infrastructure/argocd/ingress.yaml

@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: argocd-server
+  namespace: argocd
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - argocd.infinicaretech.com
+      secretName: argocd-server-tls
+  rules:
+    - host: argocd.infinicaretech.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: argocd-server
+                port:
+                  number: 443

infrastructure/cert-manager/cluster-issuer.yaml

@@ -29,3 +29,18 @@ metadata:
 spec:
   ca:
     secretName: infinicaretech-ca-secret
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-prod
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: info@infinicaretech.com
+    privateKeySecretRef:
+      name: letsencrypt-prod-key
+    solvers:
+      - http01:
+          ingress:
+            class: nginx