mirror of
https://github.com/juanfont/headscale.git
synced 2025-10-31 08:01:34 +01:00
c64d756ea7
Tested with Rancher k3s. See k8s/README.md for site configuration and deployment instructions. Add cert-manager, tls, remote headscale script.
79 lines
2.0 KiB
YAML
79 lines
2.0 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: headscale
|
|
spec:
|
|
replicas: 2
|
|
selector:
|
|
matchLabels:
|
|
app: headscale
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: headscale
|
|
spec:
|
|
containers:
|
|
- name: headscale
|
|
image: "headscale:latest"
|
|
imagePullPolicy: IfNotPresent
|
|
command: ["/go/bin/headscale", "serve"]
|
|
env:
|
|
- name: SERVER_URL
|
|
value: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME)
|
|
- name: LISTEN_ADDR
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: headscale-config
|
|
key: listen_addr
|
|
- name: PRIVATE_KEY_PATH
|
|
value: /vol/secret/private-key
|
|
- name: DERP_MAP_PATH
|
|
value: /vol/config/derp.yaml
|
|
- name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: headscale-config
|
|
key: ephemeral_node_inactivity_timeout
|
|
- name: DB_TYPE
|
|
value: postgres
|
|
- name: DB_HOST
|
|
value: postgres.headscale.svc.cluster.local
|
|
- name: DB_PORT
|
|
value: "5432"
|
|
- name: DB_USER
|
|
value: headscale
|
|
- name: DB_PASS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: postgresql
|
|
key: password
|
|
- name: DB_NAME
|
|
value: headscale
|
|
ports:
|
|
- name: http
|
|
protocol: TCP
|
|
containerPort: 8080
|
|
livenessProbe:
|
|
tcpSocket:
|
|
port: http
|
|
initialDelaySeconds: 30
|
|
timeoutSeconds: 5
|
|
periodSeconds: 15
|
|
volumeMounts:
|
|
- name: config
|
|
mountPath: /vol/config
|
|
- name: secret
|
|
mountPath: /vol/secret
|
|
- name: etc
|
|
mountPath: /etc/headscale
|
|
volumes:
|
|
- name: config
|
|
configMap:
|
|
name: headscale-site
|
|
- name: etc
|
|
configMap:
|
|
name: headscale-etc
|
|
- name: secret
|
|
secret:
|
|
secretName: headscale
|