kubernetes.io/tls certificate support for certificatesSecret

[cyrilcros]

Hi, could you please consider allowing the use of SSL certificates with the Secret kubernetes.io/tls type and tls.crt / tls.key as keys?
Currently the Chart requires you to do a lot of extra work and customizations around certbot. Allowing that type of cert and extracting the parts from it allows using certmanager like below. See https://cert-manager.io/docs/usage/certificate/
Thanks!

EDITED: it would be nice to just set up something like below

apiVersion: cert-manager.io/v1 
kind: Certificate 
metadata:
  name: gitpod-cert
  namespace: gitpod
spec:
   secretName: gitpod-cert
   dnsNames:
   - "gitpod.my.domain"
   - "*.gitpod.my.domain"
   - "*.ws.gitpod.my.domain"
   issuerRef:
     name: letsencrypt-prod
     kind: ClusterIssuer

and in values.yaml

certificatesSecret:
   secretName: gitpod-cert

The certificate should be easy to split via -----BEGIN CERTIFICATE----- -----END CERTIFICATE-----....
Instead we have this:

gitpod/chart/templates/proxy-deployment.yaml

Line 159 in e33ff33

{{- if (and $.Values.certificatesSecret.fullChainName $.Values.certificatesSecret.chainName $.Values.certificatesSecret.keyName) }}

** RE-EDIT: ** it doesn't even look like all the files listed here and at https://www.gitpod.io/docs/self-hosted/latest/install/configure-ingress/ are even required. They are just used here

gitpod/chart/config/proxy/lib.ssl.conf

Line 6 in 3cce30d

ssl_trusted_certificate /etc/nginx/certificates/fullchain.pem;

Only the tls.crt / tls.key are required

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[cyrilcros]

Closing this because the proxy2caddy move will make changes to nginx moot. They will also include better certs handling.