apiVersion: v1 kind: Namespace metadata: name: auth --- apiVersion: v1 kind: Namespace metadata: name: dirigible --- apiVersion: v1 kind: ServiceAccount metadata: name: service-account namespace: auth --- apiVersion: v1 kind: ServiceAccount metadata: name: service-account namespace: dirigible --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: auth:admin-role rules: - apiGroups: - '*' resources: - '*' verbs: - '*' - nonResourceURLs: - '*' verbs: - '*' --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: auth:admin-role:auth roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: auth:admin-role subjects: - kind: ServiceAccount name: service-account namespace: auth --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: auth:admin-role:dirigible roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: auth:admin-role subjects: - kind: ServiceAccount name: service-account namespace: dirigible --- apiVersion: certmanager.k8s.io/v1alpha1 kind: ClusterIssuer metadata: name: letsencrypt-production spec: acme: server: https://acme-v02.api.letsencrypt.org/directory # Replace the placeholder with valid email address, it will be used from the cert-manager for registration in Let's Encrypt email: privateKeySecretRef: name: letsencrypt-production http01: {}