Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / e72b54f819a38afc6656b99010370d6f3d51c38e / . / core / installer / values-tmpl / headscale.cue
blob: 08b61efbc2599962a191703c817ad2f5f4a7f524 [file] [log] [blame]
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]1input: {
2 subdomain: string
Giorgi Lekveishvili9d5e3f52024-03-13 15:02:50 +0400[diff] [blame]3 ipSubnet: string
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]4}
5
Giorgi Lekveishvili03d6f4b2024-03-08 13:05:21 +0400[diff] [blame]6name: "headscale"
Giorgi Lekveishvili08af67a2024-01-18 08:53:05 +0400[diff] [blame]7namespace: "app-headscale"
8
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]9images: {
10 headscale: {
11 repository: "headscale"
12 name: "headscale"
13 tag: "0.22.3"
14 pullPolicy: "IfNotPresent"
15 }
16 api: {
17 repository: "giolekva"
18 name: "headscale-api"
19 tag: "latest"
20 pullPolicy: "Always"
21 }
22}
23
24charts: {
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame]25 oauth2Client: {
26 chart: "charts/oauth2-client"
27 sourceRef: {
28 kind: "GitRepository"
29 name: "pcloud"
30 namespace: global.id
31 }
32 }
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]33 headscale: {
34 chart: "charts/headscale"
35 sourceRef: {
36 kind: "GitRepository"
37 name: "pcloud"
38 namespace: global.id
39 }
40 }
41}
42
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame]43_domain: "\(input.subdomain).\(global.domain)"
44_oauth2ClientSecretName: "oauth2-client"
45
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]46helm: {
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame]47 "oauth2-client": {
48 chart: charts.oauth2Client
49 // TODO(gio): remove once hydra maester is installed as part of dodo itself
Giorgi Lekveishvilia09fad72024-03-21 15:24:35 +0400[diff] [blame]50 dependsOn: [{
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame]51 name: "auth"
52 namespace: "\(global.namespacePrefix)core-auth"
53 }]
54 values: {
55 name: "oauth2-client"
56 secretName: _oauth2ClientSecretName
57 grantTypes: ["authorization_code"]
58 responseTypes: ["code"]
59 scope: "openid profile email"
60 redirectUris: ["https://\(_domain)/oidc/callback"]
61 hydraAdmin: "http://hydra-admin.\(global.namespacePrefix)core-auth.svc.cluster.local"
62 }
63 }
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]64 headscale: {
65 chart: charts.headscale
Giorgi Lekveishvilia09fad72024-03-21 15:24:35 +0400[diff] [blame]66 dependsOn: [{
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]67 name: "auth"
68 namespace: "\(global.namespacePrefix)core-auth"
69 }]
70 values: {
71 image: {
72 repository: images.headscale.fullName
73 tag: images.headscale.tag
74 pullPolicy: images.headscale.pullPolicy
75 }
76 storage: size: "5Gi"
gioe72b54f2024-04-22 10:44:41 +0400[diff] [blame^]77 ingressClassName: ingressPublic
78 certificateIssuer: issuerPublic
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame]79 domain: _domain
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]80 publicBaseDomain: global.domain
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]81 ipAddressPool: "\(global.id)-headscale"
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame]82 oauth2: {
83 secretName: _oauth2ClientSecretName
84 issuer: "https://hydra.\(global.domain)"
85 }
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]86 api: {
87 port: 8585
Giorgi Lekveishvili9d5e3f52024-03-13 15:02:50 +0400[diff] [blame]88 ipSubnet: input.ipSubnet
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]89 image: {
90 repository: images.api.fullName
91 tag: images.api.tag
92 pullPolicy: images.api.pullPolicy
93 }
94 }
95 ui: enabled: false
96 }
97 }
98}