# HG changeset patch
# User drewp@bigasterisk.com
# Date 1687413440 25200
# Node ID 1d3d12b7cf6df776172a838c30174325d44337b7
# Parent  a8c1e2f028f0b50ff18c8552d9d275e15a620910
move pom cert into make_global.py to share some vars

diff -r a8c1e2f028f0 -r 1d3d12b7cf6d config/60-auth-cert.yaml
--- a/config/60-auth-cert.yaml	Mon Jun 19 22:21:44 2023 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,12 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: pomerium-proxy-tls
-  namespace: pomerium
-spec:
-  dnsNames:
-  - 'authenticate.bigasterisk.com'
-  issuerRef:
-    kind: ClusterIssuer
-    name: letsencrypt-prod
-  secretName: pomerium-proxy-tls
\ No newline at end of file
diff -r a8c1e2f028f0 -r 1d3d12b7cf6d make_global.py
--- a/make_global.py	Mon Jun 19 22:21:44 2023 -0700
+++ b/make_global.py	Wed Jun 21 22:57:20 2023 -0700
@@ -59,6 +59,24 @@
 #            }
 #        },
     }
+def pomCert():
+    return {
+  "apiVersion": "cert-manager.io/v1",
+  "kind": "Certificate",
+  "metadata": {
+    "name": POM_CERT_NAME,
+    "namespace": "pomerium"
+  },
+  "spec": {
+    "dnsNames": [
+      AUTH_HOST
+    ],
+    "issuerRef": {
+      "kind": "ClusterIssuer",
+      "name": "letsencrypt-dns-prod"
+    },
+    "secretName": "pomerium-proxy-tls"
+  }
 }
 
 # Old note: pom won't start up if this cert doesn't exist, so you have to run once