You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Intro
This is basically a two-part PR together with #189, where #189 is about replacing Cert-Manager completely, this one is just about allowing the use of IX-Certificates
Is your feature request related to a problem? Please describe.
Currently we use Cert-Manager to handle certificate generation.
However, this creates a lot of abstraction and increases the maintenance of this Catalog significantly.
It would also mean we can offload things like documentation for the creation of certificates to TrueNAS/IX
In the past few weeks IX has release the option to use certificates from TrueNAS in Apps.
For the time being IX supports only route53 and acmeDNS as DNS01 providers, which isn't very usefull.
However, after some requests IX is working on wider support of DNS01 providers, which makes it more interesting to offload certificate generation to TrueNAS instead of doing it ourselves. See: truenas/middleware#6483
Doing so would also make it unneccisary to do #106 for the webUI.
Although we might still do it for other externalservices.(!)
Describe the solution you'd like
For now we can replace add a "IX-Certificate" option, which would allow the user to use a certificate loaded in TrueNAS.
In a later stage (after IX actually releases the UI part of the Certificate improvements) we can remove Cert-Manager and options related to it.
Describe alternatives you've considered
Staying with our own CertManager.
Which is really overdoing things if the integrated TrueNAS solution would suffice.
Additional Notes
This is basically a breaking change if fully completed and there possible would NOT be an easy migration path for users currently using Cert-manager. Users should be aware of that.
The text was updated successfully, but these errors were encountered:
Intro
This is basically a two-part PR together with #189, where #189 is about replacing Cert-Manager completely, this one is just about allowing the use of IX-Certificates
Is your feature request related to a problem? Please describe.
Currently we use Cert-Manager to handle certificate generation.
However, this creates a lot of abstraction and increases the maintenance of this Catalog significantly.
It would also mean we can offload things like documentation for the creation of certificates to TrueNAS/IX
In the past few weeks IX has release the option to use certificates from TrueNAS in Apps.
For the time being IX supports only route53 and acmeDNS as DNS01 providers, which isn't very usefull.
However, after some requests IX is working on wider support of DNS01 providers, which makes it more interesting to offload certificate generation to TrueNAS instead of doing it ourselves. See: truenas/middleware#6483
Doing so would also make it unneccisary to do #106 for the webUI.
Although we might still do it for other externalservices.(!)
Describe the solution you'd like
For now we can replace add a "IX-Certificate" option, which would allow the user to use a certificate loaded in TrueNAS.
In a later stage (after IX actually releases the UI part of the Certificate improvements) we can remove Cert-Manager and options related to it.
Describe alternatives you've considered
Staying with our own CertManager.
Which is really overdoing things if the integrated TrueNAS solution would suffice.
Additional Notes
This is basically a breaking change if fully completed and there possible would NOT be an easy migration path for users currently using Cert-manager. Users should be aware of that.
The text was updated successfully, but these errors were encountered: