diff --git a/docs/kubernetes/ssl-certificates/wildcard-certificate.md b/docs/kubernetes/ssl-certificates/wildcard-certificate.md index e771733..0954513 100644 --- a/docs/kubernetes/ssl-certificates/wildcard-certificate.md +++ b/docs/kubernetes/ssl-certificates/wildcard-certificate.md @@ -16,7 +16,7 @@ This behaviour can be prohibitive, because (a) we don't want to have to request/ To take advantage of the various workarounds available, I find it best to put the certificates into a dedicated namespace, which I name.. `letsencrypt-wildcard-cert`. !!! question "Why not the cert-manager namespace?" - Because cert-manager is a _controller_, whose job it is to act on resources. I should be able to remove cert-manager entirely (even its namespace) from my cluster, and re-add it, without impacting the resources it acts upon. If the certificates lived in the `cert-manager` namespace, then I wouldn't be able to remove the namespace without also destroying the certificates. + Because cert-manager is a *controller*, whose job it is to act on resources. I should be able to remove cert-manager entirely (even its namespace) from my cluster, and re-add it, without impacting the resources it acts upon. If the certificates lived in the `cert-manager` namespace, then I wouldn't be able to remove the namespace without also destroying the certificates. Furthermore, we can't deploy ClusterIssuers (a CRD) in the same kustomization which deploys the helmrelease which creates those CRDs in the first place. Flux won't be able to apply the ClusterIssuers until the CRD is created, and so will fail to reconcile. @@ -44,7 +44,6 @@ Thanks to [Sealed Secrets](/kubernetes/sealed-secrets/), we have a safe way of c Finally, we create our certificates! Here's an example certificate resource which uses the letsencrypt-staging issuer (*to avoid being rate-limited while learning!*). I save this in my flux repo as `/letsencrypt-wildcard-cert/certificate-wildcard-cert-letsencrypt-staging.yaml` - ```yaml title="/letsencrypt-wildcard-cert/certificate-wildcard-cert-letsencrypt-staging.yaml" apiVersion: cert-manager.io/v1 kind: Certificate diff --git a/docs/premix/ansiblizing/index.md b/docs/premix/ansiblizing/index.md index dd26f78..1f28a27 100644 --- a/docs/premix/ansiblizing/index.md +++ b/docs/premix/ansiblizing/index.md @@ -7,4 +7,4 @@ So you want to add a recipe to the the premix playbook which is not yet an Ansible role? Read on for details... 1. [Ansiblizing for Docker Swarm](/premix/ansiblizing/swarm/) -2. [Ansiblizing for Kubernetes (flux)](/premix/ansiblizing/kubernetes/) \ No newline at end of file +2. [Ansiblizing for Kubernetes (flux)](/premix/ansiblizing/kubernetes/) diff --git a/docs/premix/ansiblizing/swarm.md b/docs/premix/ansiblizing/swarm.md index 8a81d79..437e463 100644 --- a/docs/premix/ansiblizing/swarm.md +++ b/docs/premix/ansiblizing/swarm.md @@ -41,4 +41,3 @@ immich: ## Ensure the recipe files are valid The playbook assumes that `//.yml` and `//.env-sample` exist. Without these (*and any other supporting files, ending in `-sample`*), unpleasant things will happen! -