Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / 8be0b942e6bfbae45d7afe2a7de9ffd68508ce9a / . / core / installer / values-tmpl / ingress-private.yaml
blob: 55405ac30a3e91a45d78f7dfcf1411f72fbfe6dc [file] [log] [blame]
giolekva050609f2021-12-29 15:51:40 +0400[diff] [blame]1apiVersion: helm.toolkit.fluxcd.io/v2beta1
2kind: HelmRelease
3metadata:
Giorgi Lekveishviliacc4a632023-06-09 12:50:21 +0400[diff] [blame]4 name: namespaces-ingress-private
5 namespace: {{ .Global.Id }}
6spec:
7 chart:
8 spec:
9 chart: charts/namespaces
10 sourceRef:
11 kind: GitRepository
12 name: pcloud
13 namespace: {{ .Global.Id }}
14 interval: 1m0s
15 values:
16 pcloudInstanceId: {{ .Global.Id }}
17 namespacePrefix: {{ .Global.NamespacePrefix }}
18 namespaces:
19 - app-ingress-private
20---
21apiVersion: helm.toolkit.fluxcd.io/v2beta1
22kind: HelmRelease
23metadata:
Giorgi Lekveishvilic9211392023-06-12 18:30:14 +0400[diff] [blame]24 name: volumes-ingress-private
25 namespace: {{ .Global.Id }}
giolekva050609f2021-12-29 15:51:40 +0400[diff] [blame]26spec:
Giorgi Lekveishvilic9211392023-06-12 18:30:14 +0400[diff] [blame]27 targetNamespace: {{ .Global.NamespacePrefix }}ingress-private
Giorgi Lekveishviliacc4a632023-06-09 12:50:21 +0400[diff] [blame]28 dependsOn:
29 - name: namespaces-ingress-private
30 namespace: {{ .Global.Id }}
giolekva050609f2021-12-29 15:51:40 +0400[diff] [blame]31 chart:
32 spec:
Giorgi Lekveishvilic9211392023-06-12 18:30:14 +0400[diff] [blame]33 chart: charts/volumes
34 sourceRef:
35 kind: GitRepository
36 name: pcloud
37 namespace: {{ .Global.Id }}
38 interval: 1m0s
39 values:
40 name: tailscale
41 size: 1Gi
42---
43apiVersion: helm.toolkit.fluxcd.io/v2beta1
44kind: HelmRelease
45metadata:
46 name: ingress-private
47 namespace: {{ .Global.Id }}
48spec:
49 targetNamespace: {{ .Global.NamespacePrefix }}ingress-private
50 dependsOn:
51 - name: volumes-ingress-private
52 namespace: {{ .Global.Id }}
53 chart:
54 spec:
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]55 chart: charts/ingress-nginx
giolekva050609f2021-12-29 15:51:40 +0400[diff] [blame]56 sourceRef:
Giorgi Lekveishvili23ef7f82023-05-26 11:57:48 +0400[diff] [blame]57 kind: GitRepository
58 name: pcloud
Giorgi Lekveishvili4d2784d2023-06-01 14:27:32 +0400[diff] [blame]59 namespace: {{ .Global.Id }}
giolekva050609f2021-12-29 15:51:40 +0400[diff] [blame]60 interval: 1m0s
61 values:
Giorgi Lekveishvili4d2784d2023-06-01 14:27:32 +0400[diff] [blame]62 fullnameOverride: {{ .Global.Id }}-nginx-private
giolekva050609f2021-12-29 15:51:40 +0400[diff] [blame]63 controller:
64 service:
65 enabled: true
66 type: ClusterIP
67 ingressClassByName: true
68 ingressClassResource:
Giorgi Lekveishvili4d2784d2023-06-01 14:27:32 +0400[diff] [blame]69 name: {{ .Global.Id }}-ingress-private
giolekva050609f2021-12-29 15:51:40 +0400[diff] [blame]70 enabled: true
71 default: false
Giorgi Lekveishvili4d2784d2023-06-01 14:27:32 +0400[diff] [blame]72 controllerValue: k8s.io/{{ .Global.Id }}-ingress-private
giolekva050609f2021-12-29 15:51:40 +0400[diff] [blame]73 extraArgs:
Giorgi Lekveishvili4d2784d2023-06-01 14:27:32 +0400[diff] [blame]74 default-ssl-certificate: "{{ .Global.Id }}-ingress-private/cert-wildcard.p.{{ .Global.Domain }}"
Giorgi Lekveishvilic9211392023-06-12 18:30:14 +0400[diff] [blame]75 extraVolumes:
76 - name: tailscale
77 persistentVolumeClaim:
78 claimName: tailscale
79 extraVolumeMounts:
80 - name: tailscale
81 mountPath: /tailscale-state
Giorgi Lekveishvili4d2784d2023-06-01 14:27:32 +0400[diff] [blame]82 extraContainers:
83 - name: tailscale
84 image: tailscale/tailscale:v1.42.0
85 imagePullPolicy: IfNotPresent
86 securityContext:
87 privileged: true
88 capabilities:
89 add:
90 - NET_ADMIN
91 env:
Giorgi Lekveishvilic9211392023-06-12 18:30:14 +0400[diff] [blame]92 - name: TS_KUBE_SECRET
93 value: ""
94 - name: TS_STATE_DIR
95 value: /tailscale-state
Giorgi Lekveishvili4d2784d2023-06-01 14:27:32 +0400[diff] [blame]96 - name: TS_EXTRA_ARGS
97 value: --hostname={{ .Global.PCloudEnvName }}-ingress --login-server=headscale.{{ .Global.Domain }} # TODO(gio): take headscale subdomain from configuration