--- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: # set to false if doing letsencrypt validation ingress.kubernetes.io/ssl-redirect: "true" cert-manager.io/cluster-issuer: letsencrypt-prod name: haproxy-ingress namespace: pew spec: rules: - host: seaturtle.pw http: paths: - path: / pathType: "Exact" backend: service: name: nginx port: number: 80 - path: /files pathType: "Exact" backend: service: name: nginx port: number: 80 - host: airsonic.seaturtle.pw http: paths: - path: / pathType: "Exact" backend: service: name: airsonic port: number: 4040 - host: git.seaturtle.pw http: paths: - path: / pathType: "Exact" backend: service: name: gitea port: number: 3000 - host: nc.seaturtle.pw http: paths: - path: / pathType: "Exact" backend: service: name: nextcloud port: number: 80 - host: plex.seaturtle.pw http: paths: - path: / pathType: "Exact" backend: service: name: plex port: number: 32400 tls: - secretName: pew-cert hosts: - seaturtle.pw - airsonic.seaturtle.pw - git.seaturtle.pw - nc.seaturtle.pw - plex.seaturtle.pw --- apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: name: letsencrypt-staging spec: acme: email: paulsw.pw@gmail.com server: https://acme-staging-v02.api.letsencrypt.org/directory privateKeySecretRef: name: pew-account-key solvers: - http01: ingress: {} --- apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: name: letsencrypt-prod spec: acme: email: paulsw.pw@gmail.com server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: name: pew-account-key solvers: - http01: ingress: {}