env: create tailscale-proxy for ingress-private IP with new env

commit: 6ae65d1402c77dc29905296d293fcee0ddc72d71 [log] [tgz]
author: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Mon Dec 04 15:37:53 2023 +0400
committer: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Mon Dec 04 16:49:17 2023 +0400
tree: 4ff02a2d0adc02f8105ea0a816fc4d479e748321
parent: 123a3675b35f1b7c6f7249f3d63a7e65a1909fe1 [diff] [blame]
diff --git a/charts/headscale/templates/config.yaml b/charts/headscale/templates/config.yaml
index 31582e3..85d8b79 100644
--- a/charts/headscale/templates/config.yaml
+++ b/charts/headscale/templates/config.yaml

@@ -206,7 +206,7 @@
         # Path to a file containg ACL policies.
         # ACLs can be defined as YAML or HUJSON.
         # https://tailscale.com/kb/1018/acls/
-        acl_policy_path: ""
+        acl_policy_path: "/headscale/acls/config.hujson" # TODO(gio): mount path must be configurable
 
         ## DNS
         #
@@ -272,7 +272,7 @@
         # help us test it.
         # OpenID Connect
         oidc:
-          only_start_if_oidc_is_available: false
+          only_start_if_oidc_is_available: true
           issuer: {{ .Values.oauth2.hydraPublic }}
           client_id: {{`{{ .client_id }}`}}
           client_secret: {{`{{ .client_secret }}`}}
commit	6ae65d1402c77dc29905296d293fcee0ddc72d71	[log] [tgz]
author	Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>	Mon Dec 04 15:37:53 2023 +0400
committer	Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>	Mon Dec 04 16:49:17 2023 +0400
tree	4ff02a2d0adc02f8105ea0a816fc4d479e748321
parent	123a3675b35f1b7c6f7249f3d63a7e65a1909fe1 [diff] [blame]