# HG changeset patch
# User drewp@bigasterisk.com
# Date 2023-06-22 05:57:20
# Node ID 1d3d12b7cf6df776172a838c30174325d44337b7
# Parent  a8c1e2f028f0b50ff18c8552d9d275e15a620910

move pom cert into make_global.py to share some vars

diff --git a/config/60-auth-cert.yaml b/config/60-auth-cert.yaml
deleted file mode 100644
--- a/config/60-auth-cert.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: pomerium-proxy-tls
-  namespace: pomerium
-spec:
-  dnsNames:
-  - 'authenticate.bigasterisk.com'
-  issuerRef:
-    kind: ClusterIssuer
-    name: letsencrypt-prod
-  secretName: pomerium-proxy-tls
\ No newline at end of file
diff --git a/make_global.py b/make_global.py
--- a/make_global.py
+++ b/make_global.py
@@ -59,6 +59,24 @@ config = {
 #            }
 #        },
     }
+def pomCert():
+    return {
+  "apiVersion": "cert-manager.io/v1",
+  "kind": "Certificate",
+  "metadata": {
+    "name": POM_CERT_NAME,
+    "namespace": "pomerium"
+  },
+  "spec": {
+    "dnsNames": [
+      AUTH_HOST
+    ],
+    "issuerRef": {
+      "kind": "ClusterIssuer",
+      "name": "letsencrypt-dns-prod"
+    },
+    "secretName": "pomerium-proxy-tls"
+  }
 }
 
 # Old note: pom won't start up if this cert doesn't exist, so you have to run once