93 lines
1.5 KiB
YAML
93 lines
1.5 KiB
YAML
image:
|
|
repository: tailscale/tailscale
|
|
pullPolicy: IfNotPresent
|
|
tag: v1.36.0@sha256:4b3c5149c22c827351c7daa01c1c1fdd6c3ca7e0ce592ec001f0e07729168442
|
|
|
|
command:
|
|
- /usr/local/bin/containerboot
|
|
|
|
securityContext:
|
|
readOnlyRootFilesystem: false
|
|
runAsNonRoot: false
|
|
capabilities:
|
|
add:
|
|
- NET_ADMIN
|
|
|
|
podSecurityContext:
|
|
runAsUser: 0
|
|
runAsGroup: 0
|
|
|
|
serviceAccount:
|
|
main:
|
|
enabled: true
|
|
|
|
rbac:
|
|
main:
|
|
enabled: true
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- secrets
|
|
verbs:
|
|
- create
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- secrets
|
|
resourceNames:
|
|
- '{{ printf "%s-tailscale-secret" (include "tc.common.names.fullname" .) }}'
|
|
verbs:
|
|
- get
|
|
- update
|
|
- patch
|
|
|
|
envFrom:
|
|
- configMapRef:
|
|
name: '{{ include "tc.common.names.fullname" . }}-tailscale-config'
|
|
|
|
tailscale:
|
|
authkey: supersecret
|
|
auth_once: true
|
|
userspace: true
|
|
accept_dns: false
|
|
routes: ""
|
|
dest_ip: ""
|
|
sock5_server: ""
|
|
outbound_http_proxy_listen: ""
|
|
extra_args: ""
|
|
daemon_extra_args: ""
|
|
hostname: ""
|
|
advertise_as_exit_node: false
|
|
|
|
probes:
|
|
liveness:
|
|
enabled: false
|
|
readiness:
|
|
enabled: false
|
|
startup:
|
|
enabled: false
|
|
|
|
hostNetwork: true
|
|
|
|
service:
|
|
main:
|
|
enabled: false
|
|
ports:
|
|
main:
|
|
enabled: false
|
|
|
|
persistence:
|
|
varrun:
|
|
enabled: true
|
|
tun:
|
|
enabled: true
|
|
type: hostPath
|
|
hostPath: /dev/net/tun
|
|
mountPath: /dev/net/tun
|
|
hostPathType: ""
|
|
readOnly: false
|
|
|
|
portal:
|
|
enabled: false
|