mirror of
https://github.com/fatedier/frp.git
synced 2025-06-17 17:18:21 +00:00
56 lines
1.4 KiB
YAML
56 lines
1.4 KiB
YAML
{{- if eq .Values.certificate.existingSecret "" }}
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: {{ include "frps.fullname" . }}
|
|
spec:
|
|
issuerRef:
|
|
{{- .Values.certificate.issuerRef | toYaml | nindent 4 }}
|
|
dnsNames:
|
|
{{- .Values.certificate.dnsNames | toYaml | nindent 4 }}
|
|
privateKey:
|
|
algorithm: ECDSA
|
|
size: 256
|
|
secretName: {{ include "frps.fullname" . }}
|
|
---
|
|
{{- end }}
|
|
{{- if and .Values.mTLS.enabled (eq .Values.mTLS.existingSecret "") }}
|
|
{{- if eq .Values.mTLS.certificatePEM "" }}
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: {{ printf "%s-client-ca" (include "frps.fullname" .) }}
|
|
spec:
|
|
commonName: {{ .Values.mTLS.commonName }}
|
|
issuerRef:
|
|
{{- .Values.mTLS.issuerRef | toYaml | nindent 4 }}
|
|
{{- with .Values.mTLS.subject }}
|
|
subject:
|
|
{{- . | toYaml | nindent 4 }}
|
|
{{- end }}
|
|
isCA: true
|
|
privateKey:
|
|
algorithm: ECDSA
|
|
size: 256
|
|
secretName: {{ printf "%s-client-ca" (include "frps.fullname" .) }}
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Issuer
|
|
metadata:
|
|
name: {{ printf "%s-client-ca" (include "frps.fullname" .) }}
|
|
spec:
|
|
ca:
|
|
secretName: {{ printf "%s-client-ca" (include "frps.fullname" .) }}
|
|
---
|
|
{{- else }}
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ printf "%s-client-ca" (include "frps.fullname" .) }}
|
|
type: kubernetes.io/tls
|
|
data:
|
|
tls.crt: {{ .Values.mTLS.certificatePEM | b64enc | quote }}
|
|
tls.key: ""
|
|
---
|
|
{{- end }}
|
|
{{- end }} |