Usage:
helm install my-release oci://ghcr.io/dmahmalat/charts/cert-manager-webhook-google-domains
To test:
TEST_DOMAIN_NAME=<domain name> TEST_SECRET=$(echo -n '<google domains ACME API Key>' | base64) make test
Note: Make sure to change the values.yaml groupName
variable accordingly.
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: my.domain.com
spec:
acme:
email: [email protected]
server: https://dv.acme-v02.api.pki.goog/directory
privateKeySecretRef:
name: cert-domain-tls-auth-my.domain.com
externalAccountBinding:
keyID: <EAB KEY ID>
keySecretRef:
name: cert-domain-tls-key-skyloft.cc
key: eab-key
solvers:
- dns01:
webhook:
groupName: acmedns.example.org
solverName: google-domains
config:
apiUrl: https://acmedns.googleapis.com/v1
domainName: my.domain.com
secretName: cert-domain-tls-key-my.domain.com
secretKeyName: acme-key
Note: Make sure to change the values.yaml secretName
variable accordingly.
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: cert-domain-tls-key-my.domain.com
namespace: <YOUR NAMESPACE>
stringData:
eab-key: <EAB KEY>
acme-key: <ACME API KEY>
This is based on the project deyaeddin/cert-manager-webhook-hetzner and cert-manager/webhook-example Additional credits to forked project nblxa/cert-manager-webhook-google-domains for various fixes, updates and automation.
Please feel free to fork/optimize/make an official version of this for release to https://artifacthub.io/.