feat(tailscale): add common flags as fields (#3741)

* feat(tailscale): add common flags as fields

* Update charts/stable/tailscale/templates/_configmap.tpl

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>

* Update charts/stable/tailscale/docs/How-To-Guide.md

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>

* change to ClusterIP

* set hostnetwork

* remove service altogether

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Stavros Kois 2022-09-14 17:25:36 +03:00 committed by GitHub
parent 81fe7905fa
commit 4a23ef004a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 66 additions and 70 deletions


@ -20,7 +20,7 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/tailscale
- https://hub.docker.com/r/tailscale/tailscale
- https://github.com/tailscale/tailscale/blob/main/docs/k8s/run.sh
version: 1.0.9
version: 1.1.0
annotations:
truecharts.org/catagories: |
- network


@ -42,17 +42,13 @@ Leave defaults here.
- `Accept DNS`: Enabling it will pass your Global Nameservers from Tailscale to your local install.
- `Routes`: Change to the routes you wish Tailscale to have access to on the devices it's connected, such as my LAN in the example.
- `Extra Args` passes arguments/flags to the `tailscale up` command.
Common flags/arguments:
- `--advertise-exit-node`
This is used to pass traffic through tailscale like a private VPN.
- `--hostname=<name>`
You can specify a specific hostname for use inside Tailscale (see image below).
- `Hostname` You can specify a specific hostname for use inside Tailscale (see image below). (Passes `--hostname HOSTNAME` to `Extra args`)
- `Advertise as exit node` This is used to pass traffic through tailscale like a private VPN. (Passes `--advertise-exit-node` to `Extra args`)
For more Extra Args and their usage please check the [Tailscale Knowledge Base](https://tailscale.com/kb/1080/cli/#up)
since we consider these advanced features and these may/not be compatible with everyone's exact setup.
TODO: Update image with the new fields
![tailscale-step-3](img/How-To-Image-2.png)
**Hostname example**
@ -66,7 +62,7 @@ The default ports are fine for this chart, you shouldn't need to port forward or
:::caution
In case you want to access their SMB shares or TrueNAS GUI via Tailscale.
You will have to ensure that `Host Networking` is enabled.
You will have to ensure that `Host Networking` is enabled and `Userspace` is disabled.
:::


@ -18,90 +18,73 @@ questions:
type: dict
attrs:
- variable: authkey
label: "Auth Key"
description: "Provide an auth key to automatically authenticate the node as your user account."
label: Auth Key
description: Provide an auth key to automatically authenticate the node as your user account.
schema:
type: string
private: true
default: ""
- variable: userspace
label: "Userspace"
description: "Userspace Networking mode allows running Tailscale where you don't have access to create a VPN tunnel device."
label: Userspace
description: Userspace Networking mode allows running Tailscale where you don't have access to create a VPN tunnel device.
schema:
type: boolean
default: true
default: false
- variable: accept_dns
label: "Accept DNS"
description: "Accept DNS configuration from the admin console."
label: Accept DNS
description: Accept DNS configuration from the admin console.
schema:
type: boolean
default: false
- variable: routes
label: "Routes"
label: Routes
description: Expose physical subnet routes to your entire Tailscale network.
schema:
type: string
default: ""
- variable: dest_ip
label: "Dest IP"
label: Dest IP
description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
schema:
type: string
default: ""
- variable: sock5_server
label: "Sock5 Server"
label: Sock5 Server
schema:
type: string
default: ""
- variable: hostname
label: Hostname
description: You can specify a specific hostname for use inside Tailscale. (Passes --hostname HOSTNAME to extra_args)
schema:
type: string
default: ""
- variable: advertise_as_exit_node
label: Advertise as exit node
description: This is used to pass traffic through tailscale like a private VPN. (Passes --advertise-exit-node to extra_args)
schema:
type: boolean
default: false
- variable: extra_args
label: "Extra Args"
label: Extra Args
description: UP_ARGS or flags to pass along to Tailscale, such as --advertise-exit-node
schema:
type: string
default: ""
- variable: daemon_extra_args
label: "Tailscale Daemon Extra Args"
label: Tailscale Daemon Extra Args
schema:
type: string
default: ""
# Include{containerConfig}
# Include{serviceRoot}
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelector}
- variable: main
label: "Main Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 41600
required: true
# Include{advancedPortUDP}
- variable: targetPort
label: "Target Port"
description: "The internal(!) port on the container the Application runs on"
schema:
type: int
default: 41700
# Include{serviceExpertRoot}
default: false
default: true
# Include{serviceExpert}
# Include{serviceList}
# Include{persistenceRoot}
- variable: config
label: "App Config Storage"
description: "Stores the Application Configuration."
label: App Config Storage
description: Stores the Application Configuration.
schema:
additional_attrs: true
type: dict
@ -111,7 +94,7 @@ questions:
# Include{persistenceList}
# Include{ingressRoot}
- variable: main
label: "Main Ingress"
label: Main Ingress
schema:
additional_attrs: true
type: dict
@ -124,42 +107,42 @@ questions:
# Include{security}
# Include{securityContextAdvancedRoot}
- variable: privileged
label: "Privileged mode"
label: Privileged mode
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
label: ReadOnly Root Filesystem
schema:
type: boolean
default: false
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
label: Allow Privilege Escalation
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: "runAsNonRoot"
label: runAsNonRoot
schema:
type: boolean
default: false
# Include{securityContextAdvanced}
# Include{podSecurityContextRoot}
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
label: runAsUser
description: The UserID of the user running the application
schema:
type: int
default: 0
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID this App of the user running the application"
label: runAsGroup
description: The groupID this App of the user running the application
schema:
type: int
default: 0
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
label: fsGroup
description: The group that should own ALL storage.
schema:
type: int
default: 568
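Review bot: The `userspace` default flips from `true` to `false` in the first hunk, but the field's description still only explains what enabling it is for, and `privileged` further down this file keeps its `false` default. With userspace networking off, the container has to create a tunnel device itself, which normally needs additional privileges; whether the chart grants them elsewhere is not visible in this diff and should be confirmed. I would extend the description so the operator sees the requirement, for example `description: Userspace Networking mode allows running Tailscale where you don't have access to create a VPN tunnel device. When disabled, the container must be permitted to create a tunnel device.`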


@ -4,6 +4,19 @@
{{- $configName := printf "%s-tailscale-config" (include "tc.common.names.fullname" .) }}
{{- $secretName := printf "%s-tailscale-secret" (include "tc.common.names.fullname" .) }}
{{- $customArgs := "" -}}
{{- if .Values.tailscale.hostname }}
{{- $customArgs = (printf "--hostname %v %v" .Values.tailscale.hostname $customArgs | trim) -}}
{{- end }}
{{- if .Values.tailscale.advertise_as_exit_node }}
{{- $customArgs = (printf "--advertise-exit-node %v" $customArgs | trim) -}}
{{- end }}
{{- if .Values.tailscale.extra_args }}
{{- $customArgs = (printf "%v %v" .Values.tailscale.extra_args $customArgs | trim) -}}
{{- end }}
---
apiVersion: v1
kind: ConfigMap
@ -24,10 +37,10 @@ data:
{{- with .Values.tailscale.sock5_server }}
TS_SOCK5_SERVER: {{ . }}
{{- end }}
{{- with .Values.tailscale.extra_args }}
TS_EXTRA_ARGS: {{ . | quote }}
{{- end }}
{{- with .Values.tailscale.daemon_extra_args }}
TS_TAILSCALED_EXTRA_ARGS: {{ . | quote }}
{{- end }}
{{- with $customArgs }}
TS_EXTRA_ARGS: {{ . | quote }}
{{- end }}
{{- end }}
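Review bot: `.Values.tailscale.hostname` is formatted into `$customArgs` with a bare `%v`, so a value containing whitespace lands in `TS_EXTRA_ARGS` as several tokens rather than one hostname. Presumably the container entrypoint word-splits that variable when it calls `tailscale up`, in which case a stray space or a pasted `--flag` in the Hostname field changes the node's configuration, and quoting inside the string would not help. The value should be rejected at render time inside the `hostname` branch: `{{- if not (regexMatch "^[A-Za-z0-9-]+$" .Values.tailscale.hostname) }}{{- fail "tailscale.hostname must contain only letters, digits and hyphens" }}{{- end }}`. Separately, the final string places `extra_args` ahead of the field-derived flags, so a `--hostname` or `--advertise-exit-node` left in `extra_args` is emitted twice; a template comment stating which source is meant to win would help.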


@ -50,13 +50,15 @@ envFrom:
tailscale:
authkey: "supersecret"
userspace: true
userspace: false
accept_dns: false
routes: ""
dest_ip: ""
sock5_server: ""
extra_args: ""
daemon_extra_args: ""
hostname: ""
advertise_as_exit_node: false
probes:
liveness:
@ -66,12 +68,14 @@ probes:
startup:
enabled: false
hostNetwork: true
service:
main:
enabled: false
ports:
main:
protocol: UDP
port: 41700
enabled: false
persistence:
varrun:
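Review bot: `hostNetwork: true` becomes a chart default in the second hunk with no comment explaining why, and it places the pod in the node's network namespace, so anything the container listens on is bound on the host's interfaces. The How-To change in this commit ties it to reaching SMB shares and the TrueNAS GUI with `Userspace` disabled, so I would record that next to the key: `# Needed together with userspace: false to reach host services (SMB, TrueNAS GUI) over Tailscale; runs the pod in the host network namespace.` The `persistence` block continues outside the hunk.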