Update docs

nabsul · Feb 14, 2024 · 6204d04 · 6204d04
1 parent b1219ce
commit 6204d04
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 17 deletions.
diff --git a/README.md b/README.md
@@ -36,9 +36,12 @@ After you've tested against staging, you can switch to production with:
 helm install kcert nabsul/kcert -n kcert --debug --set acmeTermsAccepted=true,acmeEmail=[YOUR EMAIL],acmeDirUrl=https://acme-v02.api.letsencrypt.org/directory
 ```
 
-For setting up SMTP email notifications and other parameters, please check the `charts/kcert/values.yaml` file.
-The SMTP password must be stored in an already created secret and the secret name + field key must be specified in the `values` file.
-An empty credentials section will enable unauthenticated email sending.
+For setting up SMTP email notifications and other parameters, please check the `charts/kcert/values.yaml` file and set the values under `smtp` accordingly.
+The SMTP password must be stored in a secret. If you stick with the defaults, you can simply create that secret with the following command:
+
+```sh
+kubectl create secret -n [YOUR NAMESPACE] generic kcert-smpt-secret --from-literal=password=[YOUR PASSWORD]
+```
 
 ### Creating a Certificate via Ingress
 
@@ -63,9 +66,12 @@ helm install [VERSION] nabsul/kcert-configmap -n kcert --debug --set name=kcert,
 An example would be *helm install 1.1.0 nabsul/kcert-configmap -n kcert --debug --set name=kcert,hosts="www.yourdomain.duckdns.org"*
 
 ### Namespace-constrained installations
-If you are using Rancher clusters and are assigned a specific namespace without access to cluster-wide resources, it is possible to instruct KCert to query only a list of namespaces.
 
-To enable the namespace-constrained mode, set the variable `KCERT__NamespaceConstraints` to `true`. Then, set the variable `KCERT__NamespaceConstraintsList` to a list of namespaces, separated by ";". Example: `KCERT__NamespaceConstraintsList=ns-1;ns-2;ns-3`.
+If you are using Rancher clusters and are assigned a specific namespace without access to cluster-wide resources,
+it is possible to instruct KCert to query only a list of namespaces.
+
+To enable the namespace-constrained mode, set the environment variable `KCERT__NAMESPACECONSTRAINTS` to a list of namespaces, separated by ",".
+Example: `KCERT__NAMESPACECONSTRAINTS=ns-1,ns-2,ns-3`.
 
 ### Helm Charts
 
@@ -84,22 +90,14 @@ Experiment and make sure everything is working as expected, then switch over to
 More information this topic can be found [here](https://letsencrypt.org/docs/staging-environment/).
 
 ### Using EAB (External Account Binding)
-KCert supports the EAB authentication protocol for providers requiring it. To set it up, fill the following environment variables:
+
+KCert supports the EAB authentication protocol for providers requiring it. To set it up, set the following environment variables:
+
 ```
 ACME__EABKEYID: Key identifier given by your ACME provider
 ACME__EABHMACKEY: HMAC key given by your ACME provider
 ```
 
-It is also possible to set those variables in `appsettings.json` under the "Acme" field.
- ```json
- "Acme": {
-    ...
-    "EabKeyId": "your-key-id-here",
-    "EabHmacKey": "your-hmac-key here"
-    ...
- }
-  ```
-
 ### Diagnostics
 
 To check that everything is running as expected:

diff --git a/charts/kcert/values.yaml b/charts/kcert/values.yaml
@@ -25,7 +25,7 @@ smtp:
   port: null
   user: null
   secret:
-    name: null
+    name: kcert-smpt-secret
     key: password
 
 securityContext: {}