commit c921139aa816a234d9c809145ecc6a50e8615190
author Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Mon Jun 12 18:30:14 2023 +0400
committer Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Mon Jun 12 18:30:14 2023 +0400
tree ab712aa3a6148219f23e2b4c3c74a92ee52ab2cf
parent ad59bfbf10bef9067ffead4f603753ecd38c1f8f

charts: install helm releases in main namespace

core/installer/values-tmpl/ingress-private.yaml

diff --git a/core/installer/values-tmpl/ingress-private.yaml b/core/installer/values-tmpl/ingress-private.yaml
index e0fd9af..55405ac 100644
--- a/core/installer/values-tmpl/ingress-private.yaml
+++ b/core/installer/values-tmpl/ingress-private.yaml
@@ -21,14 +21,37 @@
 apiVersion: helm.toolkit.fluxcd.io/v2beta1
 kind: HelmRelease
 metadata:
-  name: ingress-private
-  namespace: {{ .Global.NamespacePrefix }}ingress-private
+  name: volumes-ingress-private
+  namespace: {{ .Global.Id }}
 spec:
+  targetNamespace: {{ .Global.NamespacePrefix }}ingress-private
   dependsOn:
     - name: namespaces-ingress-private
       namespace: {{ .Global.Id }}
   chart:
     spec:
+      chart: charts/volumes
+      sourceRef:
+        kind: GitRepository
+        name: pcloud
+        namespace: {{ .Global.Id }}
+  interval: 1m0s
+  values:
+    name: tailscale
+    size: 1Gi
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: ingress-private
+  namespace: {{ .Global.Id }}
+spec:
+  targetNamespace: {{ .Global.NamespacePrefix }}ingress-private
+  dependsOn:
+    - name: volumes-ingress-private
+      namespace: {{ .Global.Id }}
+  chart:
+    spec:
       chart: charts/ingress-nginx
       sourceRef:
         kind: GitRepository
@@ -49,6 +72,13 @@
         controllerValue: k8s.io/{{ .Global.Id }}-ingress-private
       extraArgs:
         default-ssl-certificate: "{{ .Global.Id }}-ingress-private/cert-wildcard.p.{{ .Global.Domain }}"
+      extraVolumes:
+      - name: tailscale
+        persistentVolumeClaim:
+          claimName: tailscale
+      extraVolumeMounts:
+      - name: tailscale
+        mountPath: /tailscale-state
       extraContainers:
       - name: tailscale
         image: tailscale/tailscale:v1.42.0
@@ -59,5 +89,9 @@
             add:
             - NET_ADMIN
         env:
+        - name: TS_KUBE_SECRET
+          value: ""
+        - name: TS_STATE_DIR
+          value: /tailscale-state
         - name: TS_EXTRA_ARGS
           value: --hostname={{ .Global.PCloudEnvName }}-ingress --login-server=headscale.{{ .Global.Domain }} # TODO(gio): take headscale subdomain from configuration