Prerequisites

Requirements for running Comentario in a Kubernetes cluster

First, make sure you understand the requirements for running Comentario in general.

Second, you’ll need the following.

  1. Helm package manager 3.x is installed.
  2. We’re using certmanager for dealing with SSL certificates in the cluster: requesting and renewing.
  3. Once you have certmanager up and running, create a new ClusterIssuer for Let’s Encrypt. Or, even better, two issuers: letsencrypt-staging for experimenting with your installation (so that you don’t hit Let’s Encrypt usage limits) and letsencrypt-prod for production usage.

Below is an example of configuration files for creating these two issuers, while using Traefik ingress controller:

---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging
spec:
  acme:
    email: <YOUR EMAIL HERE> # Update this
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: issuer-letsencrypt-staging
    solvers:
      - http01:
          ingress:
            class: traefik-cert-manager

---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    email: <YOUR EMAIL HERE> # Update this
    server: https://acme-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: issuer-letsencrypt-prod
    solvers:
      - http01:
          ingress:
            class: traefik-cert-manager