Use helm chart & generate secret and clusterissuer

templates/clusterissuer.yml.j2

@@ -0,0 +1,44 @@
+apiVersion: cert-manager.io/v1alpha2
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-prod
+spec:
+  acme:
+    email: "{{ cert_manager_acme_email }}"
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: letsencrypt-prod-account-key
+
+    solvers:
+{% for i in cert_manager_issuer %}
+    - selector:
+        dnsZones:
+          - "{{ i.domain }}"
+      {{ i.solver }}:
+{% if i.provider == "cloudflare" %}
+        cloudflare:
+          email: "{{ i.email }}"
+          apiKeySecretRef:
+            name: cloudflare-api-key
+            key: api-key
+{% elif i.provider == "route53" %}
+        route53:
+            region: us-west-3
+            hostedZoneID: {{ route53_hostzoneid_exemplecom }}
+            accessKeyID: {{ route53_access_key }}
+            secretAccessKeySecretRef:
+              name: route53-api-key
+              key: secret-access-key
+{% elif i.provider == "ovh" %}
+        webhook:
+          groupName: 'acme.example.io'
+          solverName: ovh
+          config:
+            endpoint: ovh-eu
+            applicationKey: 'qdhYTYsd546Ssg5'
+            applicationSecretRef:
+              name: ovh-api-key
+              key: applicationSecret
+            consumerKey: 'vjdshGFDGShjusqqee4543dsjfndsjgf'
+{% endif %}
+{% endfor %}