Skip to content

ldoming/tls-cert-renewer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
img
img
 
 
kubernetes
kubernetes
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

tls-cert-renewer

This application is used to auto renew kubernetes ingress tls certificate from s3 bucket.

How it works

How it works

Note:

Secrets must contain the following metadata labels

metadata:
  labels:
    tls-cert-renewer-enabled: 'true'
    tls-cert-renewer-parent-domain: <REPLACE>

Setting up in your environment:

  1. Create a new IAM User with an S3 download policy
  2. Replace the ACCESS_KEY_ID environment variable in kubernetes/deployment.yaml with your new generated user's access key id
  3. Replace the awsKey: variable in kubernetes/secret.yaml with the base64 contents of your generated user's secret access key
$ echo -n "secretkey" | base64
  1. Update the AWS_REGION environment variable in kubernetes/deployment.yaml if you aren't running in us-west-2 with your EKS cluster
  2. Edit the kubernetes/deployment.yaml command: with following arguments
Symbol Default Description
--bucket_name Required Bucket Name
--prefix Required Folder name where the certificate is located
--sleep_time 86400 Time until the next execution
  1. Finally:
$ kubectl apply -f kubernetes/

Have suggestions or want to contribute?

Raise a PR or file an issue, I'd love to help!

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages