From 2b6fa072943ba1a9eaf47e1464dc31ffd6289e22 Mon Sep 17 00:00:00 2001
From: Nico Schottelius <nico@nico-notebook.schottelius.org>
Date: Fri, 18 Jun 2021 22:32:13 +0200
Subject: [PATCH] ++readme

---
 apps/nginx-certbot/README.md            | 8 ++++++++
 apps/nginx-certbot/base/deployment.yaml | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/apps/nginx-certbot/README.md b/apps/nginx-certbot/README.md
index 7601598..adb6691 100644
--- a/apps/nginx-certbot/README.md
+++ b/apps/nginx-certbot/README.md
@@ -1,5 +1,13 @@
 ## nginx service for getting letsencrypt certificates
 
+Get real letsencrypt certificates in IPv6 based clusters.
+
 ### Architecture
 
 * nginx/port 80 serves only the root for letsencrypt
+* nginx/port 443 crashes until the cert is there
+* A job (certbot) gets the cert
+
+## Missing bits
+
+* cronjob for renewal
diff --git a/apps/nginx-certbot/base/deployment.yaml b/apps/nginx-certbot/base/deployment.yaml
index c3d7550..3aa308e 100644
--- a/apps/nginx-certbot/base/deployment.yaml
+++ b/apps/nginx-certbot/base/deployment.yaml
@@ -145,7 +145,7 @@ spec:
           - /usr/share/nginx/html
           - --domain
           - 'tls1.default.svc.c2.k8s.ooo'
-          - --staging
+#          - --staging
         volumeMounts:
           - name: etcletsencrypt
             mountPath: "/etc/letsencrypt"