apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-staging spec: acme: email: dns-admin@janky.solutions server: https://acme-staging-v02.api.letsencrypt.org/directory privateKeySecretRef: name: letsencrypt-staging-account-key solvers: - dns01: webhook: groupName: acme.zacharyseguin.ca solverName: pdns config: # Base URL of the PowerDNS server. host: https://dns.janky.solutions # Reference to the Kubernetes secret containing the API key. apiKeySecretRef: name: pdns-api-key key: key ### ### OPTIONAL ### # API Key scheme https://www.iana.org/assignments/http-authschemes/http-authschemes.xhtml # default: no scheme "" # apiKeyScheme: "" # Header name for API key # # This defaults to X-API-Key when unset but supports customizations # e.g. Authorization # apiKeyHeaderName: "" # Server ID for the PowerDNS API. # When unset, defaults to "localhost". # # This should generally be left unset, and used # only if you have a proxy in front of the PowerDNS API # that requires a different value. # serverID: localhost # Request headers when connecting to the PowerDNS API. # The following headers are set by default, but can be overriden: # X-API-Key # Content-Type # headers: # Host: dns.janky.solutions # CA bundle for TLS connections # When unset, the default system certificate store is used. # caBundle: BASE64_ENCODED_CA_BUNDLE # TTL for DNS records # (in seconds) # ttl: 120 # Timeout for requests to the PDNS api server # (in seconds) # timeout: 30 # If the server is only allowed to edit certain zones; the # default is an empty list, allowing everything. # *IMPORTANT*: Remember the trailing dot to make the zone-name # fully qualified. # allowed-zones: # - example.com. # - example.org. # - example.net. --- apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt spec: acme: email: dns-admin@janky.solutions server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: name: letsencrypt-account-key solvers: - dns01: webhook: groupName: acme.zacharyseguin.ca solverName: pdns config: # Base URL of the PowerDNS server. host: https://dns.janky.solutions # Reference to the Kubernetes secret containing the API key. apiKeySecretRef: name: pdns-api-key key: key ### ### OPTIONAL ### # API Key scheme https://www.iana.org/assignments/http-authschemes/http-authschemes.xhtml # default: no scheme "" # apiKeyScheme: "" # Header name for API key # # This defaults to X-API-Key when unset but supports customizations # e.g. Authorization # apiKeyHeaderName: "" # Server ID for the PowerDNS API. # When unset, defaults to "localhost". # # This should generally be left unset, and used # only if you have a proxy in front of the PowerDNS API # that requires a different value. # serverID: localhost # Request headers when connecting to the PowerDNS API. # The following headers are set by default, but can be overriden: # X-API-Key # Content-Type # headers: # Host: dns.janky.solutions # CA bundle for TLS connections # When unset, the default system certificate store is used. # caBundle: BASE64_ENCODED_CA_BUNDLE # TTL for DNS records # (in seconds) # ttl: 120 # Timeout for requests to the PDNS api server # (in seconds) # timeout: 30 # If the server is only allowed to edit certain zones; the # default is an empty list, allowing everything. # *IMPORTANT*: Remember the trailing dot to make the zone-name # fully qualified. # allowed-zones: # - example.com. # - example.org. # - example.net.