Deploy cert-manager with ACME/DNS-01 (#7) · Issues · mson / lab

Deploy cert-manager with ACME/DNS-01

cert-manager with Let's Encrypt via DNS-01 challenge against DigitalOcean DNS. Wildcard cert for `*.lab.mson.sh` to avoid exposing individual service names in CT logs. Internal CA planned as a future addition for more control and sub-subdomain support. Depends on: GitOps setup, secrets management (for DO API token) *Generated with Claude Code*

issue