terraform { required_providers { kubernetes = { source = "hashicorp/kubernetes" } helm = { source = "hashicorp/helm" } } } provider "helm" { kubernetes { config_path = ".kube/config" } } provider "kubernetes" { config_path = ".kube/config" } resource "kubernetes_namespace" "cert_manager" { metadata { name = "cert-manager" } } resource "helm_release" "cert_manager" { name = "cert-manager" repository = "https://charts.jetstack.io" chart = "cert-manager" version = "1.6.1" namespace = kubernetes_namespace.cert_manager.metadata[0].name set { name = "installCRDs" value = "true" } } resource "kubernetes_manifest" "letsencrypt_staging" { manifest = { apiVersion = "cert-manager.io/v1" kind = "Issuer" metadata = { name = "letsencrypt-staging" namespace = "default" } spec = { acme = { server = "https://acme-staging-v02.api.letsencrypt.org/directory" email = var.letsencrypt_email privateKeySecretRef = { name = "letsencrypt-staging" } solvers = [ { selector = {} http01 = { ingress = { class = "nginx" } } } ] } } } } resource "kubernetes_manifest" "letsencrypt_prod" { manifest = { apiVersion = "cert-manager.io/v1" kind = "Issuer" metadata = { name = "letsencrypt-prod" namespace = "default" } spec = { acme = { server = "https://acme-v02.api.letsencrypt.org/directory" email = var.letsencrypt_email privateKeySecretRef = { name = "letsencrypt-prod" } solvers = [ { selector = {} http01 = { ingress = { class = "nginx" } } } ] } } } } resource "helm_release" "ingress_nginx" { name = "ingress-nginx" repository = "https://kubernetes.github.io/ingress-nginx" chart = "ingress-nginx" version = "4.0.13" }