60 lines
1.6 KiB
YAML
60 lines
1.6 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
namespace: {{ .Values.namespace }}
|
|
name: headscale
|
|
labels: {{ include "common.app.labels" . | nindent 4 }}
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels: {{ include "common.app.labels" . | nindent 6 }}
|
|
template:
|
|
spec:
|
|
containers:
|
|
- name: headscale
|
|
image: "{{ .Values.image }}:{{ .Values.imageTag }}"
|
|
ports:
|
|
- containerPort: 8080
|
|
name: http
|
|
protocol: TCP
|
|
- containerPort: 9090
|
|
name: metrics
|
|
protocol: TCP
|
|
args:
|
|
- --config
|
|
- /etc/headscale/config/config.yaml
|
|
- serve
|
|
volumeMounts:
|
|
- mountPath: /etc/headscale/config
|
|
name: config
|
|
readOnly: true
|
|
- mountPath: /var/run
|
|
name: tmp
|
|
{{- if .Values.secrets }}
|
|
- mountPath: /etc/headscale/secrets
|
|
name: secrets
|
|
readOnly: true
|
|
{{- end }}
|
|
securityContext:
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
volumes:
|
|
- name: config
|
|
configMap:
|
|
name: headscale
|
|
- name: tmp
|
|
emptyDir:
|
|
medium: Memory
|
|
- name: data
|
|
{{- .Values.mounts.data | toYaml | nindent 10 }}
|
|
{{- if .Values.secrets }}
|
|
- name: secrets
|
|
secret:
|
|
secretName: {{ .Values.secrets.secretName }}
|
|
{{- end }}
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 10000
|
|
runAsGroup: 10000 |