61 lines
1.4 KiB
YAML
61 lines
1.4 KiB
YAML
image:
|
|
repository: ghcr.io/wg-easy/wg-easy
|
|
pullPolicy: IfNotPresent
|
|
tag: 14@sha256:66352ccb4b5095992550aa567df5118a5152b6ed31be34b0a8e118a3c3a35bf5
|
|
securityContext:
|
|
container:
|
|
PUID: 0
|
|
runAsUser: 0
|
|
runAsGroup: 0
|
|
readOnlyRootFilesystem: false
|
|
runAsNonRoot: false
|
|
capabilities:
|
|
add:
|
|
- NET_ADMIN
|
|
- NET_RAW
|
|
- SYS_MODULE
|
|
service:
|
|
main:
|
|
ports:
|
|
main:
|
|
port: 51821
|
|
vpn:
|
|
enabled: true
|
|
ports:
|
|
vpn:
|
|
enabled: true
|
|
protocol: udp
|
|
port: 51820
|
|
workload:
|
|
main:
|
|
podSpec:
|
|
containers:
|
|
main:
|
|
probes:
|
|
liveness:
|
|
type: tcp
|
|
readiness:
|
|
type: tcp
|
|
startup:
|
|
type: tcp
|
|
env:
|
|
WG_HOST: "localhost"
|
|
PORT: "{{ .Values.service.main.ports.main.port }}"
|
|
WG_PORT: "{{ .Values.service.vpn.ports.vpn.port }}"
|
|
WG_MTU: 0
|
|
WG_PERSISTENT_KEEPALIVE: 0
|
|
WG_DEFAULT_ADDRESS: "10.8.0.x"
|
|
WG_DEFAULT_DNS: "1.1.1.1"
|
|
WG_ALLOWED_IPS: "0.0.0.0/0, ::/0"
|
|
# PASSWORD_HASH uses bcrypt. You can create a hash at https://bcrypt.online/
|
|
PASSWORD_HASH: "$2y$12$iPAVrWmmVshBbr6CpJWGw.wlpaulOsVMpb.Tdo53xnNrpZt.T9odK"
|
|
LANG: "en"
|
|
UI_TRAFFIC_STATS: "false"
|
|
persistence:
|
|
config:
|
|
enabled: true
|
|
mountPath: "/etc/wireguard"
|
|
portal:
|
|
open:
|
|
enabled: true
|