Yorgos Saslis<p>It is now already Tuesday morning but everything is back online.</p><p>✅ <a href="https://chaos.social/tags/Pihole" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pihole</span></a> is back up so <a href="https://chaos.social/tags/DNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DNS</span></a> resolution works again and the rest of the family can use the internet! <br>✅ NFS provisioners can provide persistent volumes, <br>✅ <a href="https://chaos.social/tags/CertManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CertManager</span></a> issues HTTPS certificates,<br>✅ <a href="https://chaos.social/tags/Unifi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Unifi</span></a> controller is back up to allow me to actually make changes to my network config (such as, say, change DNS settings when pihole is down... ) <br>✅ <a href="https://chaos.social/tags/HomeAssistant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HomeAssistant</span></a> automates away,<br>✅ <a href="https://chaos.social/tags/Nextcloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nextcloud</span></a> is seeing sunnier days, <br>✅ <a href="https://chaos.social/tags/Photoprism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Photoprism</span></a> <3</p>
mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.
Administered by:
Server stats:
6Kactive users
mstdn.social: About · Status · Profiles directory · Privacy policy · Terms of service
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#certmanager
0 posts · 0 participants · 0 posts today
Yorgos Saslis<p>When <a href="https://chaos.social/tags/certManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certManager</span></a> works, it's beautiful. It'd been working smoothly for YEARS without me needing to touch it. </p><p>Getting it to work though... !?</p><p>Well, let's just I'd forgotten how much "fun" that can be.</p>
Indiealexh<p>I spent probably a weeks worth of hours learning more <a href="https://tny.social/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> so I could save $60 a month.</p><p>I have a nice 3 node kube cluster with a 2 node <a href="https://tny.social/tags/keepalived" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keepalived</span></a> <a href="https://tny.social/tags/haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>haproxy</span></a> TCP load balancer. All on <a href="https://tny.social/tags/ARM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ARM</span></a> VPS.</p><p>Haproxy ingress<br><a href="https://tny.social/tags/ExternalDNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ExternalDNS</span></a> operator<br><a href="https://tny.social/tags/CertManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CertManager</span></a><br><a href="https://tny.social/tags/RookCeph" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RookCeph</span></a><br><a href="https://tny.social/tags/ArgoCD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArgoCD</span></a><br><a href="https://tny.social/tags/KeyCloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeyCloak</span></a><br><a href="https://tny.social/tags/ValKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ValKey</span></a><br><a href="https://tny.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mastodon</span></a><br><a href="https://tny.social/tags/CloudNativePG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudNativePG</span></a> <a href="https://tny.social/tags/Postgresql" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Postgresql</span></a></p>
Harald Klinke<p>openDesk läuft ausschließlich auf Kubernetes und nutzt über 35 Helm-Charts für den produktiven Betrieb. Voraussetzungen: K8s >=1.24, Ingress-NGINX, cert-manager, Helm, Helmfile, RWO-Volumes & externe Dienste wie Redis, Postfix & Co.<br>Details: <a href="https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/-/blob/develop/docs/requirements.md" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gitlab.opencode.de/bmi/opendes</span><span class="invisible">k/deployment/opendesk/-/blob/develop/docs/requirements.md</span></a><br><a href="https://det.social/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a> <a href="https://det.social/tags/Helm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Helm</span></a> <a href="https://det.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://det.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://det.social/tags/openDesk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openDesk</span></a> <a href="https://det.social/tags/GovTech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GovTech</span></a> <a href="https://det.social/tags/CloudNative" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudNative</span></a> <a href="https://det.social/tags/Ingress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ingress</span></a> <a href="https://det.social/tags/certManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certManager</span></a> <a href="https://det.social/tags/DigitalSovereignty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalSovereignty</span></a></p>
René Dudfield<p>A new UI for cert-manager<br><a href="https://headlamp.dev/blog/2025/02/27/simplifying-certificate-management-in-kubernetes-with-the-new-cert-manager-plugin-for-headlamp/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">headlamp.dev/blog/2025/02/27/s</span><span class="invisible">implifying-certificate-management-in-kubernetes-with-the-new-cert-manager-plugin-for-headlamp/</span></a></p><p><a href="https://fosstodon.org/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> <a href="https://fosstodon.org/tags/kubecon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubecon</span></a> <a href="https://fosstodon.org/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certmanager</span></a> <a href="https://fosstodon.org/tags/cncf" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cncf</span></a></p>
René Dudfield<p>I'm going to be at <a href="https://fosstodon.org/tags/kubecon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubecon</span></a>. At the maintainers summit beforehand, at the contribfest, and at the <a href="https://fosstodon.org/tags/headlamp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headlamp</span></a> project pavilion.</p><p>Contribfest session: <a href="https://kccnceu2025.sched.com/event/1td0n" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">kccnceu2025.sched.com/event/1t</span><span class="invisible">d0n</span></a></p><p>I'm looking forward to connecting with folks working on different projects. People have been quite busy building out Headlamp Kubernetes UIs for ecosystem tooling and standards like <a href="https://fosstodon.org/tags/gatewayapi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gatewayapi</span></a> <a href="https://fosstodon.org/tags/prometheus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>prometheus</span></a> <a href="https://fosstodon.org/tags/keda" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keda</span></a> <a href="https://fosstodon.org/tags/flux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>flux</span></a> <a href="https://fosstodon.org/tags/minikube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>minikube</span></a> <a href="https://fosstodon.org/tags/backstage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backstage</span></a> <a href="https://fosstodon.org/tags/inspektorgadget" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>inspektorgadget</span></a> <a href="https://fosstodon.org/tags/flagger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>flagger</span></a> and <a href="https://fosstodon.org/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certmanager</span></a> </p><p><a href="https://fosstodon.org/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a> <a href="https://fosstodon.org/tags/cncf" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cncf</span></a> <a href="https://fosstodon.org/tags/cloudnativecon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudnativecon</span></a></p>
Gilgwath<p>Those who've been reading my toots, might have picked up on the fact that I'm building a <a href="https://social.tchncs.de/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> cluster from scratch (yes, I like pain). After figuring out <a href="https://social.tchncs.de/tags/cri_o" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cri_o</span></a> <a href="https://social.tchncs.de/tags/calico" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>calico</span></a> <a href="https://social.tchncs.de/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certmanager</span></a> <a href="https://social.tchncs.de/tags/metallb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>metallb</span></a> <a href="https://social.tchncs.de/tags/traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>traefik</span></a> and <a href="https://social.tchncs.de/tags/cloudnativepg" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudnativepg</span></a> I finally deployed my first actual application: <a href="https://social.tchncs.de/tags/nextcloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nextcloud</span></a> ! Wueeh! Extremely stocked! Now I need to figure out how I rope in my ZFS box for persistence, and then I'm ready for a deployment in testing! <a href="https://social.tchncs.de/tags/k8s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k8s</span></a> <a href="https://social.tchncs.de/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosting</span></a></p>
Max Bachhuber<p>Managed to migrate my first <a href="https://noitl.space/tags/Truecharts" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Truecharts</span></a> app from <a href="https://noitl.space/tags/TrueNAS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrueNAS</span></a> to <a href="https://noitl.space/tags/Talos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Talos</span></a>.</p><p>Do this only if you need another hobby. It is definitely nothing like the comfort the TrueNAS App Catalogue and UI provided.</p><p>But i like <a href="https://noitl.space/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a> and so it is fine for me, to play around with <a href="https://noitl.space/tags/CertManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CertManager</span></a>, <a href="https://noitl.space/tags/RenovateBot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RenovateBot</span></a>, <a href="https://noitl.space/tags/FluxCD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FluxCD</span></a> and <a href="https://noitl.space/tags/VolSync" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VolSync</span></a>. Just have to compare resource consumption now 😅</p>
Johannes Schnatterer<p><a href="https://floss.social/tags/CertManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CertManager</span></a> can now be rolled out with GOP. We're planning to extend the support to automatically provision <a href="https://floss.social/tags/TLS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TLS</span></a> certs via <a href="https://floss.social/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>letsencrypt</span></a> / <a href="https://floss.social/tags/ACME" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ACME</span></a> for all tools with a single parameter 🚀</p><p>This release also contains contributions of our new maintainer Thomas Michael. Welcome to the team 🥳</p>
Junicast<p>Isn't there a decent alternative to <a href="https://chaos.social/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certmanager</span></a> in <a href="https://chaos.social/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> ?<br>I need a tool that support <a href="https://chaos.social/tags/powerdns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>powerdns</span></a> api.<br>kube-lego sadly is deprecated</p>
几乇丨爪丨 🤓 :mastodon:<p>💻🧾 An alle <a href="https://voi.social/tags/CertManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CertManager</span></a> Profis:</p><p>Lassen sich mit der DNS-Challenge und <a href="https://voi.social/tags/Webhook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Webhook</span></a> auf einem anderen Server, als auf dem die <a href="https://voi.social/tags/Domain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Domain</span></a> und Website gehostet ist, <a href="https://voi.social/tags/Zertifikate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zertifikate</span></a> für die Hauptdomain wie z.B. meinedomain.de erzeugen?</p><p>Hintergrund: mein <a href="https://voi.social/tags/ejabberd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ejabberd</span></a> läuft bei mir zuhause auf meiner Hauptdomain, für mein Domain-/Webhoster gibts aber keinen Webhook... Daher erwäge ich zu wechseln falls das möglich wäre...</p><p>Evtl. kann auch <span class="h-card" translate="no"><a href="https://infosec.exchange/@CertManager" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>CertManager</span></a></span>, <span class="h-card" translate="no"><a href="https://netcup.cafe/@netcup" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>netcup</span></a></span> oder <span class="h-card" translate="no"><a href="https://manitu.social/@team" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>team</span></a></span> was dazu sagen 🤔</p><p>🔃🙏</p>
Bob Dendry has moved!<p>So I've managed to finally get <a href="https://mstdn.games/tags/Traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Traefik</span></a> working with <a href="https://mstdn.games/tags/CertManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CertManager</span></a>.</p><p>It took lots of frustration, a sidequest around attempting replace Traefik with the <a href="https://mstdn.games/tags/Cilium" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cilium</span></a> Gateway API implementation, to lots of annoyance and frustration, broken iptables, but we finally got back to pretty much where we started and things started to fall in place from here.</p><p>So the good news is by separating certificates from Traefik, we can now get Traefik doing HA. Why you ask? Just cause.</p><p><a href="https://mstdn.games/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a> <a href="https://mstdn.games/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Docker</span></a> <a href="https://mstdn.games/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a></p>
Z3r0 ~ :t_blink:<p>Cert-Manager es DIOS y quien diga lo contrario tendrá que verselas conmigo.</p><p><a href="https://maverick-hq.org/tags/kubecosas" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KubeCosas</span></a> <a href="https://maverick-hq.org/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CertManager</span></a></p>
Dentaku (Thomas Renger)<p>Ha, funktioniert: LoadBalancer für <a href="https://fnordon.de/tags/dovecot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dovecot</span></a> wird automatisch erzeugt, automatisch in DNS eingetragen und automatisch ein TLS-Zertifikat erzeugt. Langsam nimmt mein Mail-auf-Kubernetes-Setup Form an.</p><p><a href="https://fnordon.de/tags/k8s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k8s</span></a> <a href="https://fnordon.de/tags/externaldns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>externaldns</span></a> <a href="https://fnordon.de/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certmanager</span></a> <a href="https://fnordon.de/tags/rfc2136" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rfc2136</span></a></p>
Mika<p>I've just merged a huge PR to my <a href="https://sakurajima.social/tags/Orked" rel="nofollow noopener" target="_blank">#Orked</a> (O-tomated RKE Distribution - GREAT NAME I KNOW) that makes it easier than ever for anyone to set up a production-ready <a href="https://sakurajima.social/tags/RKE2" rel="nofollow noopener" target="_blank">#RKE2</a> <a href="https://sakurajima.social/tags/Kubernetes" rel="nofollow noopener" target="_blank">#Kubernetes</a> cluster in their <a href="https://sakurajima.social/tags/homelab" rel="nofollow noopener" target="_blank">#homelab</a><span>.<br><br>With this collection of scripts, all you need to do is just provision the nodes required, including a login/management node, and run the scripts right from the login node to configure all of the other nodes to make up the cluster. This setup includes:<br><br>- Configuring the Login node with any required or essential dependencies (such as </span><a href="https://sakurajima.social/tags/Helm" rel="nofollow noopener" target="_blank">#Helm</a>, <a href="https://sakurajima.social/tags/Docker" rel="nofollow noopener" target="_blank">#Docker</a>, <a href="https://sakurajima.social/tags/k9s" rel="nofollow noopener" target="_blank">#k9s</a>, <a href="https://sakurajima.social/tags/kubens" rel="nofollow noopener" target="_blank">#kubens</a>, <a href="https://sakurajima.social/tags/kubectx" rel="nofollow noopener" target="_blank">#kubectx</a><span>, etc.)<br><br>- Setup passwordless </span><a href="https://sakurajima.social/tags/SSH" rel="nofollow noopener" target="_blank">#SSH</a><span> access from the Login node to the rest of the Kubernetes nodes<br><br>- Update the </span><code>hosts</code><span> file for strictly necessary name resolution on the Login node and between the Kubernetes nodes<br><br>- Necessary, best practice configurations for all of the Kubernetes nodes including networking configuration, disabling unnecessary services, disabling swap, loading required modules, etc.<br><br>- Installation and configuration of RKE2 on all the Kubernetes nodes and joining them together as a cluster<br><br>- Installation and configuration of </span><a href="https://sakurajima.social/tags/Longhorn" rel="nofollow noopener" target="_blank">#Longhorn</a><span> storage, including formatting/configuring their virtual disks on the Worker nodes<br><br>- Deployment and configuration of </span><a href="https://sakurajima.social/tags/MetalLB" rel="nofollow noopener" target="_blank">#MetalLB</a><span> as the cluster's load-balancer<br><br>- Deployment and configuration of </span><a href="https://sakurajima.social/tags/Ingress" rel="nofollow noopener" target="_blank">#Ingress</a> <a href="https://sakurajima.social/tags/NGINX" rel="nofollow noopener" target="_blank">#NGINX</a><span> as the ingress controller and reverse proxy for the cluster - this helps manage external access to the services in the cluster<br><br>- Setup and configuration of </span><a href="https://sakurajima.social/tags/cert-manager" rel="nofollow noopener" target="_blank">#cert-manager</a> to obtain and renew <a href="https://sakurajima.social/tags/LetsEncrypt" rel="nofollow noopener" target="_blank">#LetsEncrypt</a> certs automatically - supports both <a href="https://sakurajima.social/tags/DNS" rel="nofollow noopener" target="_blank">#DNS</a> and HTTP validation with <a href="https://sakurajima.social/tags/Cloudflare" rel="nofollow noopener" target="_blank">#Cloudflare</a><span><br><br>- Installation and configuration of </span><a href="https://sakurajima.social/tags/csi-driver-smb" rel="nofollow noopener" target="_blank">#csi-driver-smb</a><span> which adds support for integrating your external SMB storage to the Kubernetes cluster<br><br>Besides these, there are also some other </span><i>helper</i> scripts to make certain related tasks easy such as a script to set a unique static IP address and hostname, and another to toggle <a href="https://sakurajima.social/tags/SELinux" rel="nofollow noopener" target="_blank">#SELinux</a><span> enforcement to on or off - should you need to turn it off (temporarily).<br><br>If you already have an existing RKE2 cluster, there's a step-by-step guide on how you could use it to easily configure and join additional nodes to your cluster if you're planning on expanding.<br><br>Orked currently expects and supports </span><a href="https://sakurajima.social/tags/RockyLinux" rel="nofollow noopener" target="_blank">#RockyLinux</a> 8+ (should also support any other <a href="https://sakurajima.social/tags/RHEL" rel="nofollow noopener" target="_blank">#RHEL</a> distros such as <a href="https://sakurajima.social/tags/AlmaLinux" rel="nofollow noopener" target="_blank">#AlmaLinux</a>), but I am planning to improve the project over time by adding more <a href="https://sakurajima.social/tags/Linux" rel="nofollow noopener" target="_blank">#Linux</a> distros, <a href="https://sakurajima.social/tags/IPv6" rel="nofollow noopener" target="_blank">#IPv6</a> support, and possibly even <a href="https://sakurajima.social/tags/K3s" rel="nofollow noopener" target="_blank">#K3s</a> for a more lightweight <a href="https://sakurajima.social/tags/RaspberryPi" rel="nofollow noopener" target="_blank">#RaspberryPi</a><span> cluster for example.<br><br>I've used this exact setup to deploy and manage vital services to hundreds of unique clients/organisations that I've become </span><i>obsessed</i><span> with sharing it to everyone and making it easier to get started. If this is something that interests you, feel free to check it out!<br><br>If you're wondering what to deploy on a Kubernetes cluster - feel free to also check out my </span><a href="https://sakurajima.social/tags/mika" rel="nofollow noopener" target="_blank">#mika</a> helm chart repo 🥳<span><br><br></span>🔗 <a href="https://github.com/irfanhakim-as/orked" rel="nofollow noopener" target="_blank">https://github.com/irfanhakim-as/orked</a><span><br><br></span>🔗 <a href="https://github.com/irfanhakim-as/charts" rel="nofollow noopener" target="_blank">https://github.com/irfanhakim-as/charts</a></p>
bashfulrobot / Dustin Krysak<p>Can anyone recommend a free <a href="https://hachyderm.io/tags/dns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dns</span></a> provider that can be used with cert-manager? Besides Cloudflare? <a href="https://hachyderm.io/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> <a href="https://hachyderm.io/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certmanager</span></a></p>
Fab :verifiedpurple:<p>Anyone successfully used cert-manager and DNS challenge for a Let's Encrypt certificate with Infomaniak provider ?</p><p><a href="https://infosec.exchange/tags/k3s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k3s</span></a> <a href="https://infosec.exchange/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certmanager</span></a> <a href="https://infosec.exchange/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>letsencrypt</span></a> <a href="https://infosec.exchange/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> <a href="https://infosec.exchange/tags/containers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>containers</span></a> <a href="https://infosec.exchange/tags/infomaniak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infomaniak</span></a></p>
Scott Williams 🐧<p><span class="h-card" translate="no"><a href="https://ibe.social/@deathkitten" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>deathkitten</span></a></span> So far, I'm able to reproduce it with <a href="https://mastodon.online/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LetsEncrypt</span></a> certs issued from <a href="https://mastodon.online/tags/certbot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certbot</span></a>, <a href="https://mastodon.online/tags/caddy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddy</span></a>, and <a href="https://mastodon.online/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certmanager</span></a>, both fresh and a month or two old.</p><p>Firefox 123.0.1 doesn't trust any of them.</p><p>Again, it still works because the OS CA trust includes it, so most users won't notice anything broken (yet).</p>
Ben Hardill<p>Anybody using 2 instances of the Kubernates Nginx Ingress controller on a single AWS EKS instance?</p><p>I need to support Ingress with a AWS NLB doing HTTPS termination (from a AWS issued wildcard cert) and with a separate instance doing HTTPS termination in Nginx using LetsEncrypt certs issued by certmanager.</p><p>I think it should be possible if each instance has it's own IngressClass.</p><p><a href="https://bluetoot.hardill.me.uk/tags/k8s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k8s</span></a> <a href="https://bluetoot.hardill.me.uk/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> <a href="https://bluetoot.hardill.me.uk/tags/ingress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ingress</span></a> <a href="https://bluetoot.hardill.me.uk/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certmanager</span></a> <a href="https://bluetoot.hardill.me.uk/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LetsEncrypt</span></a></p>
le dek<p>Mon nom de domaine principal, actuellement hébergé chez <a href="https://piaille.fr/tags/gandi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gandi</span></a>, arrive à échéance.</p><p>Vu qu'on ne peut plus compter sur eux, je vais partir chez un registrar moins cher.<br>Ça devrait être <a href="https://piaille.fr/tags/OVH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OVH</span></a>, vu que j'ai besoin d'un provider supporté par <a href="https://piaille.fr/tags/OctoDNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OctoDNS</span></a> et <a href="https://piaille.fr/tags/certmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certmanager</span></a>, je n'ai pas trouvé mieux pour le moment.</p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload