diff options
| author | Chris Lu <chris.lu@gmail.com> | 2025-11-27 14:03:30 -0800 |
|---|---|---|
| committer | Chris Lu <chris.lu@gmail.com> | 2025-11-27 14:20:09 -0800 |
| commit | 75d593d7fa82c0146dea5150531c4b640dcba029 (patch) | |
| tree | 52ad9b82472ba7c2fe13758918aef97dda3fb6f6 | |
| parent | 0e385122b59a6d5fa030a7998ccb68239dcbb061 (diff) | |
| download | seaweedfs-75d593d7fa82c0146dea5150531c4b640dcba029.tar.xz seaweedfs-75d593d7fa82c0146dea5150531c4b640dcba029.zip | |
use .Values.global.certificates instead
certificates ca
| -rw-r--r-- | k8s/charts/seaweedfs/templates/cert/ca-cert.yaml | 6 | ||||
| -rw-r--r-- | k8s/charts/seaweedfs/values.yaml | 3 |
2 files changed, 9 insertions, 0 deletions
diff --git a/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml b/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml index 0fd6615e1..b01a8dcc0 100644 --- a/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml +++ b/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml @@ -13,6 +13,12 @@ spec: secretName: {{ template "seaweedfs.name" . }}-ca-cert commonName: "{{ template "seaweedfs.name" . }}-root-ca" isCA: true + {{- if .Values.certificates.ca.duration }} + duration: {{ .Values.certificates.ca.duration }} + {{- end }} + {{- if .Values.certificates.ca.renewBefore }} + renewBefore: {{ .Values.certificates.ca.renewBefore }} + {{- end }} issuerRef: name: {{ template "seaweedfs.name" . }}-issuer kind: Issuer diff --git a/k8s/charts/seaweedfs/values.yaml b/k8s/charts/seaweedfs/values.yaml index 1bfe5c72c..74bbfeba1 100644 --- a/k8s/charts/seaweedfs/values.yaml +++ b/k8s/charts/seaweedfs/values.yaml @@ -1268,6 +1268,9 @@ certificates: keySize: 2048 duration: 2160h # 90d renewBefore: 360h # 15d + ca: + duration: 87600h # 10 years + renewBefore: 720h # 30d externalCertificates: # This will avoid the need to use cert-manager and will rely on providing your own external certificates and CA # you will need to store your provided certificates in the secret read by the different services: |