Blame - charts/headscale/templates/headscale.yaml - pcloud

blob: db3a81e5e414bdc07d06640f88c7623bcca3015e [file] [log] [blame]

Giorgi Lekveishvili	d507be5	2023-05-21 11:33:50 +0400	[diff] [blame]	1	# apiVersion: cert-manager.io/v1
				2	# kind: Certificate
				3	# metadata:
				4	# name: headscale.{{ .Values.domain }}
				5	# namespace: {{ .Release.Namespace }}
				6	# annotations:
				7	# helm.sh/resource-policy: keep
				8	# spec:
				9	# dnsNames:
				10	# - 'headscale.{{ .Values.domain }}'
				11	# issuerRef:
				12	# name: {{ .Values.certificateIssuer }}
				13	# kind: ClusterIssuer
				14	# secretName: cert-headscale.{{ .Values.domain }}
				15	# ---
Giorgi Lekveishvili	08a1941	2023-02-04 22:36:01 +0400	[diff] [blame]	16	apiVersion: networking.k8s.io/v1
				17	kind: Ingress
				18	metadata:
				19	name: ingress
				20	namespace: {{ .Release.Namespace }}
Giorgi Lekveishvili	d507be5	2023-05-21 11:33:50 +0400	[diff] [blame]	21	annotations:
				22	acme.cert-manager.io/http01-edit-in-place: "true"
				23	cert-manager.io/cluster-issuer: {{ .Values.certificateIssuer}}
Giorgi Lekveishvili	08a1941	2023-02-04 22:36:01 +0400	[diff] [blame]	24	spec:
				25	ingressClassName: {{ .Values.ingressClassName }}
				26	tls:
				27	- hosts:
				28	- headscale.{{ .Values.domain }}
				29	secretName: cert-headscale.{{ .Values.domain }}
				30	rules:
				31	- host: headscale.{{ .Values.domain }}
				32	http:
				33	paths:
				34	- path: /
				35	pathType: Prefix
				36	backend:
				37	service:
				38	name: headscale
				39	port:
				40	name: http
				41	---
Giorgi Lekveishvili	ed33f5e	2023-05-21 14:12:59 +0400	[diff] [blame]	42	apiVersion: networking.k8s.io/v1
				43	kind: Ingress
				44	metadata:
				45	annotations:
				46	acme.cert-manager.io/http01-edit-in-place: "true"
				47	cert-manager.io/cluster-issuer: {{ .Values.certificateIssuer}}
				48	nginx.ingress.kubernetes.io/ssl-redirect: "true"
				49	nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
				50	name: ingress-grpc
				51	namespace: {{ .Release.Namespace }}
				52	spec:
				53	ingressClassName: {{ .Values.ingressClassName }}
				54	tls:
				55	- hosts:
				56	- grpc.headscale.{{ .Values.domain }}
				57	secretName: cert-headscale.{{ .Values.domain }}
				58	rules:
				59	- host: grpc.headscale.{{ .Values.domain }}
				60	http:
				61	paths:
				62	- path: /
				63	pathType: Prefix
				64	backend:
				65	service:
				66	name: headscale
				67	port:
Giorgi Lekveishvili	620caa8	2023-05-21 19:36:58 +0400	[diff] [blame]	68	name: grpc
Giorgi Lekveishvili	ed33f5e	2023-05-21 14:12:59 +0400	[diff] [blame]	69	---
Giorgi Lekveishvili	08a1941	2023-02-04 22:36:01 +0400	[diff] [blame]	70	apiVersion: v1
				71	kind: Service
				72	metadata:
				73	name: headscale
				74	namespace: {{ .Release.Namespace }}
				75	spec:
				76	type: LoadBalancer
				77	selector:
				78	app: headscale
				79	ports:
				80	- name: http
				81	port: 80
				82	targetPort: http
				83	protocol: TCP
Giorgi Lekveishvili	620caa8	2023-05-21 19:36:58 +0400	[diff] [blame]	84	- name: grpc
				85	port: 50443
				86	targetPort: grpc
				87	protocol: TCP
Giorgi Lekveishvili	08a1941	2023-02-04 22:36:01 +0400	[diff] [blame]	88	---
				89	apiVersion: v1
				90	kind: PersistentVolumeClaim
				91	metadata:
				92	name: data
				93	namespace: {{ .Release.Namespace }}
				94	spec:
				95	accessModes:
				96	- ReadWriteOnce
				97	resources:
				98	requests:
				99	storage: {{ .Values.storage.size }}
				100	---
				101	apiVersion: apps/v1
				102	kind: StatefulSet
				103	metadata:
				104	name: headscale
				105	namespace: {{ .Release.Namespace }}
				106	spec:
				107	selector:
				108	matchLabels:
				109	app: headscale
				110	serviceName: headscale
				111	replicas: 1
				112	template:
				113	metadata:
				114	labels:
				115	app: headscale
				116	spec:
				117	volumes:
				118	- name: data
				119	persistentVolumeClaim:
				120	claimName: data
				121	- name: config
				122	configMap:
				123	name: config
				124	containers:
				125	- name: headscale
				126	image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
				127	imagePullPolicy: {{ .Values.image.pullPolicy }}
				128	ports:
				129	- name: http
				130	containerPort: 8080
				131	protocol: TCP
Giorgi Lekveishvili	620caa8	2023-05-21 19:36:58 +0400	[diff] [blame]	132	- name: grpc
				133	containerPort: 50443
				134	protocol: TCP
Giorgi Lekveishvili	08a1941	2023-02-04 22:36:01 +0400	[diff] [blame]	135	command: ["headscale", "--config=/headscale/config/config.yaml", "serve"]
				136	resources:
				137	# requests:
				138	# memory: "10Mi"
				139	# cpu: "10m"
				140	# limits:
				141	# memory: "20Mi"
				142	# cpu: "100m"
				143	# tolerations:
				144	# - key: "pcloud"
				145	# operator: "Equal"
				146	# value: "role"
				147	# effect: "NoSchedule"
				148	volumeMounts:
				149	- name: data
				150	mountPath: /headscale/data
				151	readOnly: false
				152	- name: config
				153	mountPath: /headscale/config
				154	readOnly: true