apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: longhorn-tls
  namespace: longhorn-system
spec:
  secretName: longhorn-tls
  issuerRef:
    name: letsencrypt-staging # TODO: change to letsencrypt-prod after timeout
    kind: ClusterIssuer
  dnsNames:
    - longhorn.frankoslaw.top
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: longhorn-tls-ingress
  namespace: longhorn-system
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`longhorn.frankoslaw.top`)
      kind: Rule
      services:
        - name: longhorn-frontend
          port: 80
  tls:
    secretName: longhorn-tls