Skip to content

A cert-manager webhook for requesting DNS-01 certs with TransIP as the DNS provider

Notifications You must be signed in to change notification settings

quanbyproj/cert-manager-webhook-transip

 
 

Repository files navigation

TransIP Cert-Manager webhook

This is an implementation of a Cert-Manager webhook for implementing DNS01 acme verification with TransIP as a DNS provider.

Installation

You can use Helm to deploy the webhook:

$ git clone ...
$ helm install cert-manager-webhook-transip --namespace=cert-manager ./deploy/transip-webhook

Alternatively, you can use kubectl to deploy:

$ kubectl -n cert-manager apply -f https://raw.githubusercontent.com/quanbylab/cert-manager-webhook-transip/master/deploy/recommended.yaml

Both methods will simply deploy the webhook container into your Kubernetes environment. After deployment, you'll have to configure the webhook to interface with your TransIP account.

Configuration

The webhook needs your TransIP account name and your API private key. The private key must be deployed as a secret.

# Given your private key is in the file privateKey
kubectl -n cert-manager create secret generic transip-credentials --from-file=privateKey

After saving your private key as a secret to the cluster, you'll have to configure the Issuer object. You can use the following as a template:

apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: le-staging
spec:
  acme:
    email: [email protected]
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: le-staging-issuer-key
    solvers:
    - dns01:
        webhook:
          groupName: cert-manager.webhook.transip
          solverName: transip
          config:
            accountName: your-transip-username
            ttl: 300
            privateKeySecretRef:
              name: transip-credentials
              key: privateKey

That's it! Now you're set up to request your first certificate :-)

Running the test suite

Please start out by configuring your environment in testdata/transip/config.json. You can then run the test suite with:

$ TEST_ZONE_NAME=example.com go test .

About

A cert-manager webhook for requesting DNS-01 certs with TransIP as the DNS provider

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 51.3%
  • Makefile 26.7%
  • Shell 11.6%
  • Mustache 8.3%
  • Dockerfile 2.1%