Custom clusterissuer/letsencrypt configuration for Kubernetes (to use dns-01 solver)

I got the Cloudflare DNS-01 solver working for cert-manager: Cloudflare | cert-manager

I did this by running kubectl edit clusterissuer/letsencrypt and changing the solvers config:

    solvers:
    - dns01:
        cloudflare:
          apiTokenSecretRef:
            key: api-token
            name: cloudflare-api-token-secret
          email: <my email>

This works great. I was able to practice a zero downtime migration by provisioning SSL certificates in advance, and then I could switch the DNS records safely and seamlessly transition to my new servers.

I just noticed that the config seems to be overwritten after a little while and it goes back to the default of http01. Can you please add support for custom solvers here? I would like to continue using the Cloudflare dns01 solver.


I found the configuration template here: convox/cert-manager-letsencrypt.yml.tmpl at master · convox/convox · GitHub

Alternatively, is it possible to fork Convox so that I can update this template, and install the forked Convox in my Rack?
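
An added example, not part of the original post and not Convox or cert-manager code: a small check that reads the output of `kubectl get clusterissuer letsencrypt -o json` and reports when the solver has gone back to http01, so the revert described above is noticed before a renewal depends on it. The two sample objects are constructed, and the `ingress` block in the reverted one is an assumption about what the default looks like.

```python
import json
import sys

WANT = "dns01/cloudflare"  # the solver configured in the post

def _solvers(issuer):
    return issuer.get("spec", {}).get("acme", {}).get("solvers") or []

def solver_kinds(issuer):
    """List each ACME solver as 'challenge/provider', e.g. 'dns01/cloudflare'."""
    kinds = []
    for solver in _solvers(issuer):
        for challenge in ("dns01", "http01"):
            cfg = solver.get(challenge)
            if not isinstance(cfg, dict):
                continue
            # cnameStrategy is a dns01 option, not a provider name
            providers = sorted(k for k in cfg if k != "cnameStrategy")
            kinds += [f"{challenge}/{p}" for p in providers] or [f"{challenge}/?"]
    return kinds

def problems(issuer, want=WANT):
    """Return human-readable findings; an empty list means the edit is still in place."""
    found = solver_kinds(issuer)
    out = []
    if want not in found:
        out.append(f"expected {want}, found {found or 'no solvers'}")
    for solver in _solvers(issuer):
        cf = (solver.get("dns01") or {}).get("cloudflare")
        if isinstance(cf, dict):
            ref = cf.get("apiTokenSecretRef") or {}
            if not (ref.get("name") and ref.get("key")):
                out.append("cloudflare solver has no apiTokenSecretRef name/key")
    return out

# Constructed samples: the issuer after the edit in the post, and after the revert.
EDITED = {"spec": {"acme": {"solvers": [{"dns01": {"cloudflare": {
    "apiTokenSecretRef": {"key": "api-token", "name": "cloudflare-api-token-secret"},
    "email": "user@example.com"}}}]}}}
REVERTED = {"spec": {"acme": {"solvers": [{"http01": {"ingress": {"class": "nginx"}}}]}}}

if __name__ == "__main__":
    # Usage: kubectl get clusterissuer letsencrypt -o json | python check_issuer.py
    findings = problems(json.load(sys.stdin))
    for line in findings:
        print("DRIFT:", line)
    sys.exit(1 if findings else 0)
```

The script exits non-zero on drift, so it can run from a scheduled job that alerts on failure.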