exekube · ilyasotkov · May 10, 2018
diff --git a/live/dev/infra/network/terraform.tfvars b/live/dev/infra/network/terraform.tfvars
@@ -12,17 +12,12 @@ terragrunt = {
 
 # ↓ Module configuration (empty means all default)
 
-create_static_ip_address = false
+# create_static_ip_address = false
 
-dns_zones = {}
-
-# dns_zones = {
-#   apps-exekube-us = "apps.exekube.us."
-# }
-
-dns_records = {}
-
-# dns_records = {
-#   apps-exekube-us = "*.apps.exekube.us."
-# }
+dns_zones = {
+  apps-exekube-us = "apps.exekube.us."
+}
 
+dns_records = {
+  apps-exekube-us = "*.apps.exekube.us."
+}
diff --git a/live/dev/k8s/kube-system/cert-manager/resources/certs.yaml b/live/dev/k8s/kube-system/cert-manager/resources/certs.yaml
@@ -1,20 +1,20 @@
-# apiVersion: certmanager.k8s.io/v1alpha1
-# kind: Certificate
-# metadata:
-#   name: apps-ingress-tls
-#   namespace: default
-# spec:
-#   secretName: apps-ingress-tls
-#   issuerRef:
-#     kind: ClusterIssuer
-#     name: letsencrypt-stg
-#   dnsNames:
-#   - dev.forms-app.apps.exekube.us
-#   - dev.guestbook.apps.exekube.us
-#   acme:
-#     config:
-#     - http01:
-#         ingress: apps-ingress
-#       domains:
-#       - dev.forms-app.apps.exekube.us
-#       - dev.guestbook.apps.exekube.us
+apiVersion: certmanager.k8s.io/v1alpha1
+kind: Certificate
+metadata:
+  name: apps-ingress-tls
+  namespace: default
+spec:
+  secretName: apps-ingress-tls
+  issuerRef:
+    kind: ClusterIssuer
+    name: letsencrypt-stg
+  dnsNames:
+  - dev.forms-app.apps.exekube.us
+  - dev.guestbook.apps.exekube.us
+  acme:
+    config:
+    - http01:
+        ingress: apps-ingress
+      domains:
+      - dev.forms-app.apps.exekube.us
+      - dev.guestbook.apps.exekube.us
diff --git a/live/dev/k8s/kube-system/nginx-ingress/terraform.tfvars b/live/dev/k8s/kube-system/nginx-ingress/terraform.tfvars
@@ -18,4 +18,4 @@ terragrunt = {
 
 # ↓ Module configuration (empty means all default)
 
-load_balancer_ip = ""
+load_balancer_ip = "35.205.26.156"
diff --git a/modules/cert-manager/main.tf b/modules/cert-manager/main.tf
@@ -2,37 +2,35 @@ terraform {
   backend "gcs" {}
 }
 
-#
-# variable "secrets_dir" {}
-#
-# module "cert_manager" {
-#   source           = "/exekube-modules/helm-release"
-#   tiller_namespace = "kube-system"
-#   client_auth      = "${var.secrets_dir}/kube-system/helm-tls"
-#
-#   release_name      = "cert-manager"
-#   release_namespace = "kube-system"
-#
-#   chart_repo    = "stable"
-#   chart_name    = "cert-manager"
-#   chart_version = "0.2.8"
-# }
-#
-# resource "null_resource" "cert_manager_resources" {
-#   depends_on = ["module.cert_manager"]
-#
-#   provisioner "local-exec" {
-#     command = "kubectl apply -f ${path.module}/resources/"
-#
-#     # command = "kubectl -n default apply -f ${var.secrets_dir}/default/apps-ingress-tls.yaml"
-#   }
-#
-#   provisioner "local-exec" {
-#     when = "destroy"
-#
-#     command = "kubectl delete -f ${path.module}/resources/"
-#
-#     # command = "kubectl -n default delete -f ${var.secrets_dir}/default/apps-ingress-tls.yaml"
-#   }
-# }
+variable "secrets_dir" {}
 
+module "cert_manager" {
+  source           = "/exekube-modules/helm-release"
+  tiller_namespace = "kube-system"
+  client_auth      = "${var.secrets_dir}/kube-system/helm-tls"
+
+  release_name      = "cert-manager"
+  release_namespace = "kube-system"
+
+  chart_repo    = "stable"
+  chart_name    = "cert-manager"
+  chart_version = "0.2.8"
+}
+
+resource "null_resource" "cert_manager_resources" {
+  depends_on = ["module.cert_manager"]
+
+  provisioner "local-exec" {
+    command = "kubectl apply -f ${path.module}/resources/"
+
+    # command = "kubectl -n default apply -f ${var.secrets_dir}/default/apps-ingress-tls.yaml"
+  }
+
+  provisioner "local-exec" {
+    when = "destroy"
+
+    command = "kubectl delete -f ${path.module}/resources/"
+
+    # command = "kubectl -n default delete -f ${var.secrets_dir}/default/apps-ingress-tls.yaml"
+  }
+}
diff --git a/modules/cert-manager/resources/issuers.yaml b/modules/cert-manager/resources/issuers.yaml
@@ -9,20 +9,20 @@ spec:
     privateKeySecretRef:
       name: letsencrypt-private-key
     http01: {}
-# ---
-# apiVersion: certmanager.k8s.io/v1alpha1
-# kind: ClusterIssuer
-# metadata:
-#   # Adjust the name here accordingly
-#   name: letsencrypt
-# spec:
-#   acme:
-#     # The ACME server URL
-#     server: https://acme-v01.api.letsencrypt.org/directory
-#     # Email address used for ACME registration
-#     email: letsencrypt@apps.exekube.us
-#     # Name of a secret used to store the ACME account private key from step 3
-#     privateKeySecretRef:
-#       name: letsencrypt-private-key
-#     # Enable the HTTP-01 challenge provider
-#     http01: {}
+---
+apiVersion: certmanager.k8s.io/v1alpha1
+kind: ClusterIssuer
+metadata:
+  # Adjust the name here accordingly
+  name: letsencrypt
+spec:
+  acme:
+    # The ACME server URL
+    server: https://acme-v01.api.letsencrypt.org/directory
+    # Email address used for ACME registration
+    email: letsencrypt@apps.exekube.us
+    # Name of a secret used to store the ACME account private key from step 3
+    privateKeySecretRef:
+      name: letsencrypt-private-key
+    # Enable the HTTP-01 challenge provider
+    http01: {}
diff --git a/modules/forms-app/values.yaml b/modules/forms-app/values.yaml
@@ -13,7 +13,7 @@ serviceType: ClusterIP
 servicePort: 80
 
 ingress:
-  enabled: false
+  enabled: true
   annotations:
     kubernetes.io/ingress.class: nginx
     ingress.kubernetes.io/ssl-redirect: "true"

diff --git a/modules/guestbook/values.yaml b/modules/guestbook/values.yaml
@@ -1,6 +1,6 @@
 # Default values
 ingress:
-  enabled: false
+  enabled: true
   annotations:
     kubernetes.io/ingress.class: nginx
     ingress.kubernetes.io/ssl-redirect: "true"

diff --git a/modules/nginx-ingress/main.tf b/modules/nginx-ingress/main.tf
@@ -2,21 +2,20 @@ terraform {
   backend "gcs" {}
 }
 
-# variable "secrets_dir" {}
-# variable "load_balancer_ip" {}
-#
-# module "nginx_ingress" {
-#   source           = "/exekube-modules/helm-release"
-#   tiller_namespace = "kube-system"
-#   client_auth      = "${var.secrets_dir}/kube-system/helm-tls"
-#
-#   release_name      = "nginx-ingress"
-#   release_namespace = "kube-system"
-#
-#   chart_repo    = "stable"
-#   chart_name    = "nginx-ingress"
-#   chart_version = "0.13.2"
-#
-#   load_balancer_ip = "${var.load_balancer_ip}"
-# }
+variable "secrets_dir" {}
+variable "load_balancer_ip" {}
 
+module "nginx_ingress" {
+  source           = "/exekube-modules/helm-release"
+  tiller_namespace = "kube-system"
+  client_auth      = "${var.secrets_dir}/kube-system/helm-tls"
+
+  release_name      = "nginx-ingress"
+  release_namespace = "kube-system"
+
+  chart_repo    = "stable"
+  chart_name    = "nginx-ingress"
+  chart_version = "0.13.2"
+
+  load_balancer_ip = "${var.load_balancer_ip}"
+}
Original file line number	Diff line number	Diff line change
Expand Up		@@ -18,4 +18,4 @@ terragrunt = {

		# ↓ Module configuration (empty means all default)

		load_balancer_ip = ""
		load_balancer_ip = "35.205.26.156"