gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-07 19:51:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
72f5246ce32043a439fa7622ff4634be5b2d6311
certctl/deploy/helm/INSTALLATION.md
T
shankar0123 ec21c9bb29 feat(m28+m29+m30): ACME ARI, email digest, and Helm chart 
M28: ACME Renewal Information (RFC 9702) — CA-directed renewal timing
with cert ID computation, directory endpoint discovery, graceful
degradation for non-ARI CAs. 19 tests.

M29: Email notifier wiring + scheduled certificate digest — SMTP
connector bridged to service layer via NotifierAdapter, DigestService
with HTML email template, 7th scheduler loop (24h), digest preview/send
API endpoints and GUI card. 21 tests.

M30: Production-ready Helm chart — server Deployment, PostgreSQL
StatefulSet, agent DaemonSet, ConfigMaps, Secrets, Ingress, security
contexts, health probes, example values for dev/prod/ACME scenarios.

Also: OpenAPI spec updates, MCP tool additions, CI helm-lint job,
documentation updates across 5 doc files and README.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-28 21:18:35 -04:00

2.2 KiB
Raw Blame History

Quick Installation Guide

One-Liner Installation

Development (no auth)

helm install certctl certctl/ \
  --set server.auth.type=none \
  --set postgresql.auth.password=dev

Production (with API key)

API_KEY=$(openssl rand -base64 32)
DB_PASSWORD=$(openssl rand -base64 32)

helm install certctl certctl/ \
  --values examples/values-prod-ha.yaml \
  --set server.auth.apiKey="$API_KEY" \
  --set postgresql.auth.password="$DB_PASSWORD"

Verify Installation

# Wait for pods to be ready
kubectl rollout status deployment/certctl-server
kubectl rollout status statefulset/certctl-postgres

# Check all components
kubectl get pods -l app.kubernetes.io/instance=certctl

# View server logs
kubectl logs -l app.kubernetes.io/component=server -f

# Access the API
kubectl port-forward svc/certctl-server 8443:8443 &
curl http://localhost:8443/health

Next Steps

  1. Read Documentation

    • README.md - Complete reference
    • DEPLOYMENT_GUIDE.md - Step-by-step guide
    • CHART_SUMMARY.md - Architecture overview

  2. Configure for Your Environment

    • Review examples/ for your deployment scenario
    • Customize values.yaml as needed
    • Use helm upgrade to apply changes

  3. Set Up Monitoring

    • Install Prometheus (optional)
    • Enable Ingress with HTTPS
    • Configure email notifications

  4. Deploy Agents

    • Agents deploy automatically as DaemonSet
    • Verify with: kubectl get pods -l app.kubernetes.io/component=agent

  5. Create Certificates

    • Configure issuer connectors (Local CA, ACME, etc.)
    • Access web dashboard at ingress or port-forward

Common Commands

# List installations
helm list

# View chart values
helm values certctl

# Upgrade chart
helm upgrade certctl certctl/ -f new-values.yaml

# Rollback to previous version
helm rollback certctl 1

# Uninstall chart
helm uninstall certctl

# View deployment history
helm history certctl

# Dry-run installation to see generated YAML
helm install certctl certctl/ --dry-run --debug

Support

Reference in New Issue View Git Blame Copy Permalink