Commit new Chart releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>

incubator/tailscale/0.0.3/templates/_privelegednet.tpl

@@ -1,15 +0,0 @@
-{{- define "tailscale.tun" -}}
----
-enabled: true
-type: hostPath
-hostPath: /dev/net/tun
-mountPath: /dev/net/tun
-hostPathType: ""
-readOnly: false
-{{- end }}
-
-{{- define "tailscale.caps" -}}
----
-add:
-  - NET_ADMIN
-{{- end }}

incubator/tailscale/0.0.4/CHANGELOG.md

@@ -2,6 +2,15 @@
 
 
 
+## [tailscale-0.0.4](https://github.com/truecharts/charts/compare/tailscale-0.0.3...tailscale-0.0.4) (2022-08-20)
+
+### Fix
+
+- adds tun device and runs as root by default ([#3519](https://github.com/truecharts/charts/issues/3519))
+
+
+
+
 ## [tailscale-0.0.3](https://github.com/truecharts/charts/compare/tailscale-0.0.2...tailscale-0.0.3) (2022-08-18)
 
 ### Chore

incubator/tailscale/0.0.4/Chart.lock

@@ -3,4 +3,4 @@ dependencies:
   repository: https://library-charts.truecharts.org
   version: 10.4.12
 digest: sha256:2b926ab794b2ebae2ba0c898ffe38320266e86eafebe44d869c8f0721f5dac27
-generated: "2022-08-18T22:22:12.693581967Z"
+generated: "2022-08-20T13:23:15.800748754Z"

incubator/tailscale/0.0.4/Chart.yaml

@@ -20,7 +20,7 @@ sources:
   - https://github.com/truecharts/charts/tree/master/charts/incubator/tailscale
   - https://hub.docker.com/r/tailscale/tailscale
   - https://github.com/tailscale/tailscale/blob/main/docs/k8s/run.sh
-version: 0.0.3
+version: 0.0.4
 annotations:
   truecharts.org/catagories: |
     - network

incubator/tailscale/0.0.4/README.md

@@ -1,6 +1,6 @@
 # tailscale
 
-![Version: 0.0.3](https://img.shields.io/badge/Version-0.0.3-informational?style=flat-square) ![AppVersion: 1.29.125](https://img.shields.io/badge/AppVersion-1.29.125-informational?style=flat-square)
+![Version: 0.0.4](https://img.shields.io/badge/Version-0.0.4-informational?style=flat-square) ![AppVersion: 1.29.125](https://img.shields.io/badge/AppVersion-1.29.125-informational?style=flat-square)
 
 Tailscale lets you connect your devices and users together in your own secure virtual private network
 

incubator/tailscale/0.0.4/ix_values.yaml

@@ -7,14 +7,16 @@ command: ["ash", "/tailscale/run.sh"]
 
 tty: true
 
-# Only un-comment this if you are going to have `userspace: false`
-# securityContext:
-#   readOnlyRootFilesystem: false
-#   runAsNonRoot: false
+securityContext:
+  readOnlyRootFilesystem: false
+  runAsNonRoot: false
+  capabilities:
+    add:
+      - NET_ADMIN
 
-# podSecurityContext:
-#   runAsUser: 0
-#   runAsGroup: 0
+podSecurityContext:
+  runAsUser: 0
+  runAsGroup: 0
 
 serviceAccount:
   main:
@@ -52,6 +54,7 @@ tailscale:
   dest_ip: ""
   sock5_server: ""
   extra_args: ""
+  daemon_extra_args: ""
 
 probes:
   liveness:
@@ -72,6 +75,13 @@ persistence:
   config:
     enabled: true
     mountPath: "/var/lib"
+  tun:
+    enabled: true
+    type: hostPath
+    hostPath: /dev/net/tun
+    mountPath: /dev/net/tun
+    hostPathType: ""
+    readOnly: false
 
 portal:
   enabled: false

incubator/tailscale/0.0.4/questions.yaml

@@ -205,6 +205,11 @@ questions:
           schema:
             type: string
             default: ""
+        - variable: daemon_extra_args
+          label: "Tailscale Daemon Extra Args"
+          schema:
+            type: string
+            default: ""
   - variable: TZ
     label: Timezone
     group: Container Configuration
@@ -1498,7 +1503,7 @@ questions:
                 label: "ReadOnly Root Filesystem"
                 schema:
                   type: boolean
-                  default: true
+                  default: false
               - variable: allowPrivilegeEscalation
                 label: "Allow Privilege Escalation"
                 schema:
@@ -1508,7 +1513,7 @@ questions:
                 label: "runAsNonRoot"
                 schema:
                   type: boolean
-                  default: true
+                  default: false
               - variable: capabilities
                 label: Capabilities
                 schema:
@@ -1547,13 +1552,13 @@ questions:
           description: "The UserID of the user running the application"
           schema:
             type: int
-            default: 568
+            default: 0
         - variable: runAsGroup
           label: "runAsGroup"
           description: "The groupID this App of the user running the application"
           schema:
             type: int
-            default: 568
+            default: 0
         - variable: fsGroup
           label: "fsGroup"
           description: "The group that should own ALL storage."

incubator/tailscale/0.0.4/templates/_configmap.tpl

@@ -27,4 +27,7 @@ data:
   {{- with .Values.tailscale.extra_args }}
   TS_EXTRA_ARGS: {{ . | quote }}
   {{- end }}
+  {{- with .Values.tailscale.daemon_extra_args }}
+  TS_TAILSCALED_EXTRA_ARGS: {{ . | quote }}
+  {{- end }}
 {{- end }}

incubator/tailscale/0.0.4/templates/common.yaml

@@ -7,10 +7,5 @@
 {{/* Render config */}}
 {{- include "tailscale.config" . }}
 
-{{- if not .Values.tailscale.userspace }}
-{{- $_ := set .Values.persistence "tun" (include "tailscale.tun" . | fromYaml) -}}
-{{- $_ := set .Values.securityContext "capabilities" (include "tailscale.caps" . | fromYaml) -}}
-{{- end }}
-
 {{/* Render the templates */}}
 {{ include "tc.common.loader.apply" . }}