TrueChartsClone/charts/stable/tailscale/values.yaml

image:
  repository: tailscale/tailscale
  pullPolicy: IfNotPresent
  tag: v1.31.7@sha256:86f1b87db67525a8468767e4fa64941265e918db36362dc7fc488112133de6f5

command: ["ash", "/tailscale/run.sh"]

tty: true

securityContext:
  readOnlyRootFilesystem: false
  runAsNonRoot: false
  capabilities:
    add:
      - NET_ADMIN

podSecurityContext:
  runAsUser: 0
  runAsGroup: 0

serviceAccount:
  main:
    enabled: true

rbac:
  main:
    enabled: true
    rules:
      - apiGroups:
          - ""
        resources:
          - "secrets"
        verbs:
          - "create"
      - apiGroups:
          - ""
        resources:
          - "secrets"
        resourceNames:
          - '{{ printf "%s-tailscale-secret" (include "tc.common.names.fullname" .) }}'
        verbs:
          - "get"
          - "update"

envFrom:
  - secretRef:
      name: '{{ include "tc.common.names.fullname" . }}-tailscale-secret'
  - configMapRef:
      name: '{{ include "tc.common.names.fullname" . }}-tailscale-config'

tailscale:
  authkey: "supersecret"
  userspace: false
  accept_dns: false
  routes: ""
  dest_ip: ""
  sock5_server: ""
  extra_args: ""
  daemon_extra_args: ""
  hostname: ""
  advertise_as_exit_node: false

probes:
  liveness:
    enabled: false
  readiness:
    enabled: false
  startup:
    enabled: false

hostNetwork: true

service:
  main:
    enabled: false
    ports:
      main:
        enabled: false

persistence:
  varrun:
    enabled: false
  config:
    enabled: true
    mountPath: "/var/lib"
  tun:
    enabled: true
    type: hostPath
    hostPath: /dev/net/tun
    mountPath: /dev/net/tun
    hostPathType: ""
    readOnly: false

portal:
  enabled: false