diff options
| -rw-r--r-- | k8s/charts/seaweedfs/templates/cert/ca-cert.yaml | 6 | ||||
| -rw-r--r-- | k8s/charts/seaweedfs/values.yaml | 3 |
2 files changed, 9 insertions, 0 deletions
diff --git a/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml b/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml index 0fd6615e1..b01a8dcc0 100644 --- a/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml +++ b/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml @@ -13,6 +13,12 @@ spec: secretName: {{ template "seaweedfs.name" . }}-ca-cert commonName: "{{ template "seaweedfs.name" . }}-root-ca" isCA: true + {{- if .Values.certificates.ca.duration }} + duration: {{ .Values.certificates.ca.duration }} + {{- end }} + {{- if .Values.certificates.ca.renewBefore }} + renewBefore: {{ .Values.certificates.ca.renewBefore }} + {{- end }} issuerRef: name: {{ template "seaweedfs.name" . }}-issuer kind: Issuer diff --git a/k8s/charts/seaweedfs/values.yaml b/k8s/charts/seaweedfs/values.yaml index 1bfe5c72c..74bbfeba1 100644 --- a/k8s/charts/seaweedfs/values.yaml +++ b/k8s/charts/seaweedfs/values.yaml @@ -1268,6 +1268,9 @@ certificates: keySize: 2048 duration: 2160h # 90d renewBefore: 360h # 15d + ca: + duration: 87600h # 10 years + renewBefore: 720h # 30d externalCertificates: # This will avoid the need to use cert-manager and will rely on providing your own external certificates and CA # you will need to store your provided certificates in the secret read by the different services: |