58 lines
1.2 KiB
YAML
58 lines
1.2 KiB
YAML
image:
|
|
repository: docker.io/weejewel/wg-easy
|
|
pullPolicy: IfNotPresent
|
|
tag: latest@sha256:ea65f283dfeb62628ce942ce38974f9db05177aa27ab69b787115b78591552f3
|
|
securityContext:
|
|
container:
|
|
PUID: 0
|
|
runAsUser: 0
|
|
runAsGroup: 0
|
|
readOnlyRootFilesystem: false
|
|
runAsNonRoot: false
|
|
capabilities:
|
|
add:
|
|
- NET_ADMIN
|
|
- NET_RAW
|
|
- SYS_MODULE
|
|
service:
|
|
main:
|
|
ports:
|
|
main:
|
|
port: 51821
|
|
vpn:
|
|
enabled: true
|
|
ports:
|
|
vpn:
|
|
enabled: true
|
|
protocol: udp
|
|
port: 51820
|
|
workload:
|
|
main:
|
|
podSpec:
|
|
containers:
|
|
main:
|
|
probes:
|
|
liveness:
|
|
type: tcp
|
|
readiness:
|
|
type: tcp
|
|
startup:
|
|
type: tcp
|
|
env:
|
|
WG_HOST: "localhost"
|
|
PORT: "{{ .Values.service.main.ports.main.port }}"
|
|
WG_PORT: "{{ .Values.service.vpn.ports.vpn.port }}"
|
|
WG_MTU: 0
|
|
WG_PERSISTENT_KEEPALIVE: 0
|
|
WG_DEFAULT_ADDRESS: "10.8.0.x"
|
|
WG_DEFAULT_DNS: "1.1.1.1"
|
|
WG_ALLOWED_IPS: "0.0.0.0/0, ::/0"
|
|
PASSWORD: "secretpass"
|
|
persistence:
|
|
config:
|
|
enabled: true
|
|
mountPath: "/etc/wireguard"
|
|
portal:
|
|
open:
|
|
enabled: true
|