diff options
| -rw-r--r-- | k8s/charts/seaweedfs/templates/ca-cert.yaml | 2 | ||||
| -rw-r--r-- | k8s/charts/seaweedfs/templates/cert-caissuer.yaml | 2 | ||||
| -rw-r--r-- | k8s/charts/seaweedfs/templates/cert-clusterissuer.yaml | 2 | ||||
| -rw-r--r-- | k8s/charts/seaweedfs/templates/client-cert.yaml | 2 | ||||
| -rw-r--r-- | k8s/charts/seaweedfs/templates/filer-cert.yaml | 2 | ||||
| -rw-r--r-- | k8s/charts/seaweedfs/templates/master-cert.yaml | 2 | ||||
| -rw-r--r-- | k8s/charts/seaweedfs/templates/volume-cert.yaml | 2 | ||||
| -rw-r--r-- | k8s/charts/seaweedfs/values.yaml | 5 |
8 files changed, 12 insertions, 7 deletions
diff --git a/k8s/charts/seaweedfs/templates/ca-cert.yaml b/k8s/charts/seaweedfs/templates/ca-cert.yaml index c1d432d31..fc002aebe 100644 --- a/k8s/charts/seaweedfs/templates/ca-cert.yaml +++ b/k8s/charts/seaweedfs/templates/ca-cert.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.enableSecurity }} +{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: diff --git a/k8s/charts/seaweedfs/templates/cert-caissuer.yaml b/k8s/charts/seaweedfs/templates/cert-caissuer.yaml index 4c2693043..72de126e1 100644 --- a/k8s/charts/seaweedfs/templates/cert-caissuer.yaml +++ b/k8s/charts/seaweedfs/templates/cert-caissuer.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.enableSecurity }} +{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} kind: Issuer metadata: diff --git a/k8s/charts/seaweedfs/templates/cert-clusterissuer.yaml b/k8s/charts/seaweedfs/templates/cert-clusterissuer.yaml index c46aa4756..42e080fd6 100644 --- a/k8s/charts/seaweedfs/templates/cert-clusterissuer.yaml +++ b/k8s/charts/seaweedfs/templates/cert-clusterissuer.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.enableSecurity }} +{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} kind: ClusterIssuer metadata: diff --git a/k8s/charts/seaweedfs/templates/client-cert.yaml b/k8s/charts/seaweedfs/templates/client-cert.yaml index 5904a00b6..bda132a02 100644 --- a/k8s/charts/seaweedfs/templates/client-cert.yaml +++ b/k8s/charts/seaweedfs/templates/client-cert.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.enableSecurity }} +{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: diff --git a/k8s/charts/seaweedfs/templates/filer-cert.yaml b/k8s/charts/seaweedfs/templates/filer-cert.yaml index 8b5dbe257..c17815af2 100644 --- a/k8s/charts/seaweedfs/templates/filer-cert.yaml +++ b/k8s/charts/seaweedfs/templates/filer-cert.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.enableSecurity }} +{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: diff --git a/k8s/charts/seaweedfs/templates/master-cert.yaml b/k8s/charts/seaweedfs/templates/master-cert.yaml index bb935eedb..47dcaacd3 100644 --- a/k8s/charts/seaweedfs/templates/master-cert.yaml +++ b/k8s/charts/seaweedfs/templates/master-cert.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.enableSecurity }} +{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: diff --git a/k8s/charts/seaweedfs/templates/volume-cert.yaml b/k8s/charts/seaweedfs/templates/volume-cert.yaml index c6b333f7c..4df63db2c 100644 --- a/k8s/charts/seaweedfs/templates/volume-cert.yaml +++ b/k8s/charts/seaweedfs/templates/volume-cert.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.enableSecurity }} +{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: diff --git a/k8s/charts/seaweedfs/values.yaml b/k8s/charts/seaweedfs/values.yaml index 9e12a6e05..a83ceac46 100644 --- a/k8s/charts/seaweedfs/values.yaml +++ b/k8s/charts/seaweedfs/values.yaml @@ -640,3 +640,8 @@ certificates: keySize: 2048 duration: 2160h # 90d renewBefore: 360h # 15d + externalCertificates: + # This will avoid the need to use cert-manager and will rely on providing your own external certificates and CA + # you will need to store your provided certificates in the secret read by the different services: + # seaweedfs-master-cert, seaweedfs-filer-cert, etc. Can see any statefulset definition to see secret names + enabled: false |