The module does not have any mandatory parameters.

Parameters

  • cleanupOrphanSecretsboolean

    Delete a secret with a certificate automatically if the corresponding Certificate resource was deleted from the cluster.

    Default: false

    Examples:

    cleanupOrphanSecrets: true
    
    cleanupOrphanSecrets: false
    
  • cloudDNSServiceAccountstring

    The Service Account for Google Cloud for the same project that has the DNS Administrator role.

    Example:

    cloudDNSServiceAccount: eyJzYSI6ICJhYmNkZWZnaEBzZXJ2aWNlYWNjb3VudC5jb20iLCAicHJvamVjdF9pZCI6ImFhYWFhIn0=
    
  • cloudflareAPITokenstring

    API Tokens allow application-scoped keys bound to specific DNS zones.

    API Tokens are recommended for higher security, since they have more restrictive permissions and are more easily revocable.

    It allows you to verify that domains specified in the Certificate resource are managed by cert-manager and kept by the Cloudflare DNS provider. Verification is performed by adding special TXT records for the ACME DNS01 Challenge Provider domain.

    Example:

    cloudflareAPIToken: token
    
  • cloudflareEmailstring

    The email used for accessing the Cloudflare platform.

    Example:

    cloudflareEmail: example@example.com
    
  • cloudflareGlobalAPIKeystring

    The Cloudflare Global API key for managing DNS records

    It allows you to verify that domains specified in the Certificate resource are managed by cert-manager and kept by the Cloudflare DNS provider.

    Verification is performed by adding special TXT records for the ACME DNS01 Challenge Provider domain.

    Example:

    cloudflareGlobalAPIKey: key
    
  • digitalOceanCredentialsstring

    The Access Token for the Digital Ocean API (you can create it in the API section).

    Example:

    digitalOceanCredentials: creds
    
  • emailstring

    The email used for sending notifications by LetsEncrypt.

    Example:

    email: example@example.com
    
  • nodeSelectorobject

    The same as in the pods’ spec.nodeSelector parameter in Kubernetes.

    If the parameter is omitted or false, it will be determined automatically.

    Example:

    nodeSelector:
      has-gpu: 'true'
    
  • route53AccessKeyIDstring

    The Access Key ID of the user with the attached Amazon Route53 IAM Policy for managing domain records.

    Example:

    route53AccessKeyID: key_id
    
  • route53SecretAccessKeystring

    The Secret Access Key of the user with privileges to manage domain records.

    Example:

    route53SecretAccessKey: secret
    
  • tolerationsarray of objects

    The same as in the pods’ spec.tolerations parameter in Kubernetes.

    If the parameter is omitted or false, it will be determined automatically.

    Example:

    tolerations:
    - key: dedicated.deckhouse.io
      operator: Equal
      value: cert-manager
    
    • effectstring
    • keystring
    • operatorstring
    • tolerationSecondsinteger
    • valuestring