charts/headscale/templates/headscale.yaml - pcloud - Gitiles

 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: ingress
   namespace: {{ .Release.Namespace }}
   annotations:
     acme.cert-manager.io/http01-edit-in-place: "true"
     cert-manager.io/cluster-issuer: {{ .Values.certificateIssuer}}
 spec:
   ingressClassName: {{ .Values.ingressClassName }}
   tls:
   - hosts:
     - {{ .Values.domain }}
     secretName: cert-{{ .Values.domain }}
   rules:
   - host: {{ .Values.domain }}
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: headscale
             port:
               name: http
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: headscale
   namespace: {{ .Release.Namespace }}
   annotations:
     metallb.universe.tf/address-pool: {{ .Values.ipAddressPool }}
 spec:
   type: LoadBalancer
   selector:
     app: headscale
   ports:
   - name: http
     port: 80
     targetPort: http
     protocol: TCP
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: headscale-api
   namespace: {{ .Release.Namespace }}
 spec:
   type: ClusterIP
   selector:
     app: headscale
   ports:
   - name: http
     port: 80
     targetPort: http-api
     protocol: TCP
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: data
   namespace: {{ .Release.Namespace }}
 spec:
   accessModes:
     - ReadWriteOnce
   resources:
     requests:
       storage: {{ .Values.storage.size }}
 ---
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: headscale
   namespace: {{ .Release.Namespace }}
 spec:
   selector:
     matchLabels:
       app: headscale
   serviceName: headscale
   replicas: 1
   template:
     metadata:
       labels:
         app: headscale
     spec:
       volumes:
       - name: data
         persistentVolumeClaim:
           claimName: data
       - name: config
         configMap:
           name: config
       containers:
       - name: headscale
         image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         ports:
         - name: http
           containerPort: 8080
           protocol: TCP
         - name: grpc
           containerPort: 50443
           protocol: TCP
         command:
         - headscale
         - --config=/headscale/config/config.yaml
         - serve
         volumeMounts:
         - name: data
           mountPath: /headscale/data
           readOnly: false
         - name: config
           mountPath: /headscale/config
           readOnly: true
       - name: headscale-api
         image: {{ .Values.api.image.repository }}:{{ .Values.api.image.tag }}
         imagePullPolicy: {{ .Values.api.image.pullPolicy }}
         ports:
         - name: http-api
           containerPort: {{ .Values.api.port }}
           protocol: TCP
         command:
         - headscale-api
         - --port={{ .Values.api.port }}
         - --config=/headscale/config/config.yaml
         volumeMounts:
         - name: data
           mountPath: /headscale/data
           readOnly: false
         - name: config
           mountPath: /headscale/config
           readOnly: true
	apiVersion: networking.k8s.io/v1
	kind: Ingress
	metadata:
	name: ingress
	namespace: {{ .Release.Namespace }}
	annotations:
	acme.cert-manager.io/http01-edit-in-place: "true"
	cert-manager.io/cluster-issuer: {{ .Values.certificateIssuer}}
	spec:
	ingressClassName: {{ .Values.ingressClassName }}
	tls:
	- hosts:
	- {{ .Values.domain }}
	secretName: cert-{{ .Values.domain }}
	rules:
	- host: {{ .Values.domain }}
	http:
	paths:
	- path: /
	pathType: Prefix
	backend:
	service:
	name: headscale
	port:
	name: http
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: headscale
	namespace: {{ .Release.Namespace }}
	annotations:
	metallb.universe.tf/address-pool: {{ .Values.ipAddressPool }}
	spec:
	type: LoadBalancer
	selector:
	app: headscale
	ports:
	- name: http
	port: 80
	targetPort: http
	protocol: TCP
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: headscale-api
	namespace: {{ .Release.Namespace }}
	spec:
	type: ClusterIP
	selector:
	app: headscale
	ports:
	- name: http
	port: 80
	targetPort: http-api
	protocol: TCP
	---
	apiVersion: v1
	kind: PersistentVolumeClaim
	metadata:
	name: data
	namespace: {{ .Release.Namespace }}
	spec:
	accessModes:
	- ReadWriteOnce
	resources:
	requests:
	storage: {{ .Values.storage.size }}
	---
	apiVersion: apps/v1
	kind: StatefulSet
	metadata:
	name: headscale
	namespace: {{ .Release.Namespace }}
	spec:
	selector:
	matchLabels:
	app: headscale
	serviceName: headscale
	replicas: 1
	template:
	metadata:
	labels:
	app: headscale
	spec:
	volumes:
	- name: data
	persistentVolumeClaim:
	claimName: data
	- name: config
	configMap:
	name: config
	containers:
	- name: headscale
	image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
	imagePullPolicy: {{ .Values.image.pullPolicy }}
	ports:
	- name: http
	containerPort: 8080
	protocol: TCP
	- name: grpc
	containerPort: 50443
	protocol: TCP
	command:
	- headscale
	- --config=/headscale/config/config.yaml
	- serve
	volumeMounts:
	- name: data
	mountPath: /headscale/data
	readOnly: false
	- name: config
	mountPath: /headscale/config
	readOnly: true
	- name: headscale-api
	image: {{ .Values.api.image.repository }}:{{ .Values.api.image.tag }}
	imagePullPolicy: {{ .Values.api.image.pullPolicy }}
	ports:
	- name: http-api
	containerPort: {{ .Values.api.port }}
	protocol: TCP
	command:
	- headscale-api
	- --port={{ .Values.api.port }}
	- --config=/headscale/config/config.yaml
	volumeMounts:
	- name: data
	mountPath: /headscale/data
	readOnly: false
	- name: config
	mountPath: /headscale/config
	readOnly: true