From 548842d4b0a3ef4d33b27493717da20f4d87bdb8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomislav=20Kopi=C4=87?= <tomislav@kopic.hr>
Date: Thu, 9 May 2024 20:13:16 +0000
Subject: [PATCH] Update Kubernetes

---
 Kubernetes.md | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/Kubernetes.md b/Kubernetes.md
index 07c40c5..096dc7b 100644
--- a/Kubernetes.md
+++ b/Kubernetes.md
@@ -102,7 +102,7 @@ kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/
 By default it will issue fake, self signed certificates , but if your cluster is available directly form the internet you can issue let'sencrypt certs
 so we need to create a file
 ```
-CapiVersion: cert-manager.io/v1
+apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
   name: letsencrypt-prod
@@ -115,18 +115,14 @@ spec:
     solvers:
     - http01:
        ingress:
-         class: internal-nginx
-         podTemplate:
-            spec:
-              nodeSelector:
-                "kubernetes.io/os": linux
+         class: nginx
 ```
 Customize and then apply it:
 ```
 kubectl apply -f file.yml
 ```
 
-To issue valid certs you will need to add these toingress configs for your services
+To issue valid certs you will need to add these to ingress configs for your services
 
 ```
 ...
@@ -205,6 +201,11 @@ kind: Ingress
 metadata:
   name: longhorn-ingress
   namespace: longhorn-system
+  annotations:
+    acme.cert-manager.io/http01-edit-in-place: "true"
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    ingress.kubernetes.io/ssl-redirect: "False"
+    kubernetes.io/ingress.class: nginx
 spec:
   ingressClassName: nginx
   rules:
@@ -218,6 +219,10 @@ spec:
             name: longhorn-frontend
             port:
               number: 80
+  tls:
+  - hosts:
+    - longhorn.my.cluster.com
+    secretName: some-name-tls
 ```
 
 then apply it: