Dustin
a443929c0c
Now that the reverse proxy for Internet-facing sites uses TLS passthrough, the certificate for the _darkchestofwonders.us_ Ingress needs to be correct. Since Ingress resources can only use either the default certificate (_*.pyrocufflink.blue_) or a certificate from their same namespace, we have to move the Certificate and its corresponding Secret into the _websites_ namespace. Fortunately, this is easy enoug to do, by setting the appropriate annotations on the Ingress. To keep the existing certificate (until it expires), I moved the Secret manually: ```sh kubectl get secret dcow-cert -o yaml | grep -v namespace | kubectl create -n websites -f - ``` |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| cert-exporter.yaml | ||
| certificates.yaml | ||
| cluster-issuer.yaml | ||
| dch-ca-issuer.yaml | ||
| kustomization.yaml | ||
| ssh_known_hosts | ||