From 0812c2323d466381f7dbf05c26291f77f823d42c Mon Sep 17 00:00:00 2001
From: Joel Wetzell <jwetzell@yahoo.com>
Date: Wed, 5 Nov 2025 15:55:34 -0600
Subject: [PATCH] add storage class and cluster issuer

---
 .../configs/cluster-issuer.yaml               | 27 +++++++++++++++++++
 .../configs/kustomization.yaml                |  5 ++++
 .../ontime-dev-doks/configs/storageclass.yaml | 17 ++++++++++++
 3 files changed, 49 insertions(+)
 create mode 100644 clusters/ontime-dev-doks/configs/cluster-issuer.yaml
 create mode 100644 clusters/ontime-dev-doks/configs/kustomization.yaml
 create mode 100644 clusters/ontime-dev-doks/configs/storageclass.yaml

diff --git a/clusters/ontime-dev-doks/configs/cluster-issuer.yaml b/clusters/ontime-dev-doks/configs/cluster-issuer.yaml
new file mode 100644
index 0000000..59c34ca
--- /dev/null
+++ b/clusters/ontime-dev-doks/configs/cluster-issuer.yaml
@@ -0,0 +1,27 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: lets-encrypt-staging
+spec:
+  acme:
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: lets-encrypt-staging-account-key
+    solvers:
+    - http01:
+        ingress:
+          ingressClassName: nginx
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: lets-encrypt-prod
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: lets-encrypt-prod-account-key
+    solvers:
+    - http01:
+        ingress:
+          ingressClassName: nginx
\ No newline at end of file
diff --git a/clusters/ontime-dev-doks/configs/kustomization.yaml b/clusters/ontime-dev-doks/configs/kustomization.yaml
new file mode 100644
index 0000000..d95b52b
--- /dev/null
+++ b/clusters/ontime-dev-doks/configs/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - cluster-issuer.yaml
+  - storageclass.yaml
\ No newline at end of file
diff --git a/clusters/ontime-dev-doks/configs/storageclass.yaml b/clusters/ontime-dev-doks/configs/storageclass.yaml
new file mode 100644
index 0000000..81276b9
--- /dev/null
+++ b/clusters/ontime-dev-doks/configs/storageclass.yaml
@@ -0,0 +1,17 @@
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: nfs-csi
+provisioner: nfs.csi.k8s.io
+parameters:
+  server: 10.128.0.2
+  share: /24445969/0b7a1f68-fa6e-417a-ae3b-87b80dd06b4d
+  # csi.storage.k8s.io/provisioner-secret is only needed for providing mountOptions in DeleteVolume
+  # csi.storage.k8s.io/provisioner-secret-name: "mount-options"
+  # csi.storage.k8s.io/provisioner-secret-namespace: "default"
+reclaimPolicy: Delete
+volumeBindingMode: Immediate
+allowVolumeExpansion: true
+mountOptions:
+  - nfsvers=4.1