fix: use chart's native certManager configuration instead of manual patches

apps/production/element-server-suite.yaml

@@ -17,6 +17,10 @@ spec:
     # Top-Level: serverName – das ist dein Matrix-Homeserver-Name
     serverName: axion1337.chat
 
+    # Cert-Manager für automatische Zertifikatsgenerierung
+    certManager:
+      clusterIssuer: letsencrypt-prod
+
     # Interner Postgres an (default ist eh true, hier nur zur Klarheit)
     postgres:
       enabled: true
@@ -26,45 +30,30 @@ spec:
       enabled: true
       ingress:
         host: matrix.axion1337.chat
-        annotations:
-          cert-manager.io/cluster-issuer: letsencrypt-prod
-          traefik.ingress.kubernetes.io/router.tls: "true"
 
     # Matrix Authentication Service – braucht eine Subdomain
     matrixAuthenticationService:
       enabled: true
       ingress:
         host: account.axion1337.chat
-        annotations:
-          cert-manager.io/cluster-issuer: letsencrypt-prod
-          traefik.ingress.kubernetes.io/router.tls: "true"
 
     # Matrix RTC (Element Call) – braucht auch eine Subdomain
     matrixRTC:
       enabled: true
       ingress:
         host: mrtc.axion1337.chat
-        annotations:
-          cert-manager.io/cluster-issuer: letsencrypt-prod
-          traefik.ingress.kubernetes.io/router.tls: "true"
 
     # Element Web
     elementWeb:
       enabled: true
       ingress:
         host: axion1337.chat
-        annotations:
-          cert-manager.io/cluster-issuer: letsencrypt-prod
-          traefik.ingress.kubernetes.io/router.tls: "true"
 
     # Element Admin
     elementAdmin:
       enabled: true
       ingress:
         host: admin.axion1337.chat
-        annotations:
-          cert-manager.io/cluster-issuer: letsencrypt-prod
-          traefik.ingress.kubernetes.io/router.tls: "true"
 
     # Well-Known auf der Apex-Domain (axion1337.chat/.well-known/matrix/*)
     wellKnownDelegation:

apps/production/kustomization.yaml

@@ -1,70 +1,6 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  # namespace.yaml hier entfernen!
   - matrix-postgres-auth.yaml
   - cert-issuer.yaml
-  - matrix-certificates.yaml
-  - element-server-suite.yaml
-
-patchesJson6902:
-  - target:
-      group: networking.k8s.io
-      version: v1
-      kind: Ingress
-      name: matrix-stack-synapse
-      namespace: matrix
-    patch: |-
-      - op: add
-        path: /spec/tls/0/secretName
-        value: matrix-axion1337-chat-tls
-  - target:
-      group: networking.k8s.io
-      version: v1
-      kind: Ingress
-      name: matrix-stack-matrix-authentication-service
-      namespace: matrix
-    patch: |-
-      - op: add
-        path: /spec/tls/0/secretName
-        value: account-axion1337-chat-tls
-  - target:
-      group: networking.k8s.io
-      version: v1
-      kind: Ingress
-      name: matrix-stack-matrix-rtc
-      namespace: matrix
-    patch: |-
-      - op: add
-        path: /spec/tls/0/secretName
-        value: mrtc-axion1337-chat-tls
-  - target:
-      group: networking.k8s.io
-      version: v1
-      kind: Ingress
-      name: matrix-stack-element-web
-      namespace: matrix
-    patch: |-
-      - op: add
-        path: /spec/tls/0/secretName
-        value: axion1337-chat-tls
-  - target:
-      group: networking.k8s.io
-      version: v1
-      kind: Ingress
-      name: matrix-stack-element-admin
-      namespace: matrix
-    patch: |-
-      - op: add
-        path: /spec/tls/0/secretName
-        value: admin-axion1337-chat-tls
-  - target:
-      group: networking.k8s.io
-      version: v1
-      kind: Ingress
-      name: matrix-stack-well-known
-      namespace: matrix
-    patch: |-
-      - op: add
-        path: /spec/tls/0/secretName
-        value: axion1337-chat-tls
+  - element-server-suite.yaml