cluster/kube: ceph dashboard tls certificates
diff --git a/cluster/kube/lib/rook.libsonnet b/cluster/kube/lib/rook.libsonnet
index 9c7b1e9..b553ca4 100644
--- a/cluster/kube/lib/rook.libsonnet
+++ b/cluster/kube/lib/rook.libsonnet
@@ -439,8 +439,19 @@
},
dashboardIngress: kube.Ingress(cluster.name("dashboard")) {
- metadata+: cluster.metadata,
+ metadata+: cluster.metadata {
+ annotations+: {
+ "kubernetes.io/tls-acme": "true",
+ "certmanager.k8s.io/cluster-issuer": "letsencrypt-prod",
+ },
+ },
spec+: {
+ tls: [
+ {
+ hosts: ["%s.hswaw.net" % name],
+ secretName: cluster.name("dashboard"),
+ },
+ ],
rules: [
{
host: "%s.hswaw.net" % name,