Run prettier
This commit is contained in:
parent
ba65092926
commit
6b3114ad6f
19 changed files with 263 additions and 257 deletions
|
@ -54,7 +54,6 @@ Suggestions/PRs welcomed!
|
||||||
|
|
||||||
Please have a look at the documentation under [`docs/`](docs/).
|
Please have a look at the documentation under [`docs/`](docs/).
|
||||||
|
|
||||||
|
|
||||||
## Disclaimer
|
## Disclaimer
|
||||||
|
|
||||||
1. We have nothing to do with Tailscale, or Tailscale Inc.
|
1. We have nothing to do with Tailscale, or Tailscale Inc.
|
||||||
|
@ -70,7 +69,7 @@ To contribute to Headscale you would need the lastest version of [Go](https://go
|
||||||
- Buf
|
- Buf
|
||||||
- Protobuf tools:
|
- Protobuf tools:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
make install-protobuf-plugins
|
make install-protobuf-plugins
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -81,6 +80,7 @@ Some parts of the project requires the generation of Go code from Protobuf (if c
|
||||||
```shell
|
```shell
|
||||||
make generate
|
make generate
|
||||||
```
|
```
|
||||||
|
|
||||||
**Note**: Please check in changes from `gen/` in a separate commit to make it easier to review.
|
**Note**: Please check in changes from `gen/` in a separate commit to make it easier to review.
|
||||||
|
|
||||||
To run the tests:
|
To run the tests:
|
||||||
|
@ -261,5 +261,3 @@ make build
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,15 +1,15 @@
|
||||||
# If you plan to somehow use headscale, please deploy your own DERP infra: https://tailscale.com/kb/1118/custom-derp-servers/
|
# If you plan to somehow use headscale, please deploy your own DERP infra: https://tailscale.com/kb/1118/custom-derp-servers/
|
||||||
regions:
|
regions:
|
||||||
900:
|
900:
|
||||||
regionid: 900
|
regionid: 900
|
||||||
regioncode: custom
|
regioncode: custom
|
||||||
regionname: My Region
|
regionname: My Region
|
||||||
nodes:
|
nodes:
|
||||||
- name: 1a
|
- name: 1a
|
||||||
regionid: 1
|
regionid: 1
|
||||||
hostname: myderp.mydomain.no
|
hostname: myderp.mydomain.no
|
||||||
ipv4: 123.123.123.123
|
ipv4: 123.123.123.123
|
||||||
ipv6: "2604:a880:400:d1::828:b001"
|
ipv6: "2604:a880:400:d1::828:b001"
|
||||||
stunport: 0
|
stunport: 0
|
||||||
stunonly: false
|
stunonly: false
|
||||||
derptestport: 0
|
derptestport: 0
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
# Running headscale
|
# Running headscale
|
||||||
|
|
||||||
## Server configuration
|
## Server configuration
|
||||||
|
|
||||||
1. Download the headscale binary https://github.com/juanfont/headscale/releases, and place it somewhere in your $PATH or use the docker container
|
1. Download the headscale binary https://github.com/juanfont/headscale/releases, and place it somewhere in your $PATH or use the docker container
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
@ -18,10 +19,11 @@
|
||||||
```shell
|
```shell
|
||||||
mkdir config
|
mkdir config
|
||||||
```
|
```
|
||||||
|
|
||||||
3. Get yourself a DB
|
3. Get yourself a DB
|
||||||
|
|
||||||
a) Get a Postgres DB running in docker
|
a) Get a Postgres DB running in docker
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
docker run --name headscale \
|
docker run --name headscale \
|
||||||
-e POSTGRES_DB=headscale
|
-e POSTGRES_DB=headscale
|
||||||
|
@ -30,7 +32,9 @@
|
||||||
-p 5432:5432 \
|
-p 5432:5432 \
|
||||||
-d postgres
|
-d postgres
|
||||||
```
|
```
|
||||||
|
|
||||||
or b) Prepare a SQLite DB file
|
or b) Prepare a SQLite DB file
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
touch config/db.sqlite
|
touch config/db.sqlite
|
||||||
```
|
```
|
||||||
|
@ -41,7 +45,7 @@
|
||||||
wg genkey > config/private.key
|
wg genkey > config/private.key
|
||||||
|
|
||||||
cp config.yaml.[sqlite|postgres].example config/config.yaml
|
cp config.yaml.[sqlite|postgres].example config/config.yaml
|
||||||
|
|
||||||
cp derp-example.yaml config/derp.yaml
|
cp derp-example.yaml config/derp.yaml
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -81,16 +85,19 @@
|
||||||
-p 127.0.0.1:8080:8080 \
|
-p 127.0.0.1:8080:8080 \
|
||||||
headscale/headscale:x.x.x headscale serve
|
headscale/headscale:x.x.x headscale serve
|
||||||
```
|
```
|
||||||
|
|
||||||
## Nodes configuration
|
## Nodes configuration
|
||||||
|
|
||||||
If you used tailscale.com before in your nodes, make sure you clear the tailscaled data folder
|
If you used tailscale.com before in your nodes, make sure you clear the tailscaled data folder
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
systemctl stop tailscaled
|
systemctl stop tailscaled
|
||||||
rm -fr /var/lib/tailscale
|
rm -fr /var/lib/tailscale
|
||||||
systemctl start tailscaled
|
systemctl start tailscaled
|
||||||
```
|
```
|
||||||
|
|
||||||
### Adding node based on MACHINEKEY
|
### Adding node based on MACHINEKEY
|
||||||
|
|
||||||
1. Add your first machine
|
1. Add your first machine
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
|
|
@ -24,6 +24,7 @@ Configure DERP servers by editing `base/site/derp.yaml` if needed.
|
||||||
You'll somehow need to get `headscale:latest` into your cluster image registry.
|
You'll somehow need to get `headscale:latest` into your cluster image registry.
|
||||||
|
|
||||||
An easy way to do this with k3s:
|
An easy way to do this with k3s:
|
||||||
|
|
||||||
- Reconfigure k3s to use docker instead of containerd (`k3s server --docker`)
|
- Reconfigure k3s to use docker instead of containerd (`k3s server --docker`)
|
||||||
- `docker build -t headscale:latest ..` from here
|
- `docker build -t headscale:latest ..` from here
|
||||||
|
|
||||||
|
@ -61,7 +62,7 @@ Use the wrapper script to remotely operate headscale to perform administrative
|
||||||
tasks like creating namespaces, authkeys, etc.
|
tasks like creating namespaces, authkeys, etc.
|
||||||
|
|
||||||
```
|
```
|
||||||
[c@nix-slate:~/Projects/headscale/k8s]$ ./headscale.bash
|
[c@nix-slate:~/Projects/headscale/k8s]$ ./headscale.bash
|
||||||
|
|
||||||
headscale is an open source implementation of the Tailscale control server
|
headscale is an open source implementation of the Tailscale control server
|
||||||
|
|
||||||
|
|
|
@ -6,13 +6,13 @@ metadata:
|
||||||
kubernetes.io/ingress.class: traefik
|
kubernetes.io/ingress.class: traefik
|
||||||
spec:
|
spec:
|
||||||
rules:
|
rules:
|
||||||
- host: $(PUBLIC_HOSTNAME)
|
- host: $(PUBLIC_HOSTNAME)
|
||||||
http:
|
http:
|
||||||
paths:
|
paths:
|
||||||
- backend:
|
- backend:
|
||||||
service:
|
service:
|
||||||
name: headscale
|
name: headscale
|
||||||
port:
|
port:
|
||||||
number: 8080
|
number: 8080
|
||||||
path: /
|
path: /
|
||||||
pathType: Prefix
|
pathType: Prefix
|
||||||
|
|
|
@ -1,42 +1,42 @@
|
||||||
namespace: headscale
|
namespace: headscale
|
||||||
resources:
|
resources:
|
||||||
- configmap.yaml
|
- configmap.yaml
|
||||||
- ingress.yaml
|
- ingress.yaml
|
||||||
- service.yaml
|
- service.yaml
|
||||||
generatorOptions:
|
generatorOptions:
|
||||||
disableNameSuffixHash: true
|
disableNameSuffixHash: true
|
||||||
configMapGenerator:
|
configMapGenerator:
|
||||||
- name: headscale-site
|
- name: headscale-site
|
||||||
files:
|
files:
|
||||||
- derp.yaml=site/derp.yaml
|
- derp.yaml=site/derp.yaml
|
||||||
envs:
|
envs:
|
||||||
- site/public.env
|
- site/public.env
|
||||||
- name: headscale-etc
|
- name: headscale-etc
|
||||||
literals:
|
literals:
|
||||||
- config.json={}
|
- config.json={}
|
||||||
secretGenerator:
|
secretGenerator:
|
||||||
- name: headscale
|
- name: headscale
|
||||||
files:
|
files:
|
||||||
- secrets/private-key
|
- secrets/private-key
|
||||||
vars:
|
vars:
|
||||||
- name: PUBLIC_PROTO
|
- name: PUBLIC_PROTO
|
||||||
objRef:
|
objRef:
|
||||||
kind: ConfigMap
|
kind: ConfigMap
|
||||||
name: headscale-site
|
name: headscale-site
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
fieldRef:
|
fieldRef:
|
||||||
fieldPath: data.public-proto
|
fieldPath: data.public-proto
|
||||||
- name: PUBLIC_HOSTNAME
|
- name: PUBLIC_HOSTNAME
|
||||||
objRef:
|
objRef:
|
||||||
kind: ConfigMap
|
kind: ConfigMap
|
||||||
name: headscale-site
|
name: headscale-site
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
fieldRef:
|
fieldRef:
|
||||||
fieldPath: data.public-hostname
|
fieldPath: data.public-hostname
|
||||||
- name: CONTACT_EMAIL
|
- name: CONTACT_EMAIL
|
||||||
objRef:
|
objRef:
|
||||||
kind: ConfigMap
|
kind: ConfigMap
|
||||||
name: headscale-site
|
name: headscale-site
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
fieldRef:
|
fieldRef:
|
||||||
fieldPath: data.contact-email
|
fieldPath: data.contact-email
|
||||||
|
|
|
@ -8,6 +8,6 @@ spec:
|
||||||
selector:
|
selector:
|
||||||
app: headscale
|
app: headscale
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
targetPort: http
|
targetPort: http
|
||||||
port: 8080
|
port: 8080
|
||||||
|
|
|
@ -13,66 +13,66 @@ spec:
|
||||||
app: headscale
|
app: headscale
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: headscale
|
- name: headscale
|
||||||
image: "headscale:latest"
|
image: "headscale:latest"
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
command: ["/go/bin/headscale", "serve"]
|
command: ["/go/bin/headscale", "serve"]
|
||||||
env:
|
env:
|
||||||
- name: SERVER_URL
|
- name: SERVER_URL
|
||||||
value: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME)
|
value: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME)
|
||||||
- name: LISTEN_ADDR
|
- name: LISTEN_ADDR
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: headscale-config
|
name: headscale-config
|
||||||
key: listen_addr
|
key: listen_addr
|
||||||
- name: PRIVATE_KEY_PATH
|
- name: PRIVATE_KEY_PATH
|
||||||
value: /vol/secret/private-key
|
value: /vol/secret/private-key
|
||||||
- name: DERP_MAP_PATH
|
- name: DERP_MAP_PATH
|
||||||
value: /vol/config/derp.yaml
|
value: /vol/config/derp.yaml
|
||||||
- name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT
|
- name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: headscale-config
|
name: headscale-config
|
||||||
key: ephemeral_node_inactivity_timeout
|
key: ephemeral_node_inactivity_timeout
|
||||||
- name: DB_TYPE
|
- name: DB_TYPE
|
||||||
value: postgres
|
value: postgres
|
||||||
- name: DB_HOST
|
- name: DB_HOST
|
||||||
value: postgres.headscale.svc.cluster.local
|
value: postgres.headscale.svc.cluster.local
|
||||||
- name: DB_PORT
|
- name: DB_PORT
|
||||||
value: "5432"
|
value: "5432"
|
||||||
- name: DB_USER
|
- name: DB_USER
|
||||||
value: headscale
|
value: headscale
|
||||||
- name: DB_PASS
|
- name: DB_PASS
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: postgresql
|
name: postgresql
|
||||||
key: password
|
key: password
|
||||||
- name: DB_NAME
|
- name: DB_NAME
|
||||||
value: headscale
|
value: headscale
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
containerPort: 8080
|
containerPort: 8080
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
tcpSocket:
|
tcpSocket:
|
||||||
port: http
|
port: http
|
||||||
initialDelaySeconds: 30
|
initialDelaySeconds: 30
|
||||||
timeoutSeconds: 5
|
timeoutSeconds: 5
|
||||||
periodSeconds: 15
|
periodSeconds: 15
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: config
|
- name: config
|
||||||
mountPath: /vol/config
|
mountPath: /vol/config
|
||||||
- name: secret
|
- name: secret
|
||||||
mountPath: /vol/secret
|
mountPath: /vol/secret
|
||||||
- name: etc
|
- name: etc
|
||||||
mountPath: /etc/headscale
|
mountPath: /etc/headscale
|
||||||
volumes:
|
volumes:
|
||||||
- name: config
|
- name: config
|
||||||
configMap:
|
configMap:
|
||||||
name: headscale-site
|
name: headscale-site
|
||||||
- name: etc
|
- name: etc
|
||||||
configMap:
|
configMap:
|
||||||
name: headscale-etc
|
name: headscale-etc
|
||||||
- name: secret
|
- name: secret
|
||||||
secret:
|
secret:
|
||||||
secretName: headscale
|
secretName: headscale
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
namespace: headscale
|
namespace: headscale
|
||||||
bases:
|
bases:
|
||||||
- ../base
|
- ../base
|
||||||
resources:
|
resources:
|
||||||
- deployment.yaml
|
- deployment.yaml
|
||||||
- postgres-service.yaml
|
- postgres-service.yaml
|
||||||
- postgres-statefulset.yaml
|
- postgres-statefulset.yaml
|
||||||
generatorOptions:
|
generatorOptions:
|
||||||
disableNameSuffixHash: true
|
disableNameSuffixHash: true
|
||||||
secretGenerator:
|
secretGenerator:
|
||||||
- name: postgresql
|
- name: postgresql
|
||||||
files:
|
files:
|
||||||
- secrets/password
|
- secrets/password
|
||||||
|
|
|
@ -8,6 +8,6 @@ spec:
|
||||||
selector:
|
selector:
|
||||||
app: postgres
|
app: postgres
|
||||||
ports:
|
ports:
|
||||||
- name: postgres
|
- name: postgres
|
||||||
targetPort: postgres
|
targetPort: postgres
|
||||||
port: 5432
|
port: 5432
|
||||||
|
|
|
@ -14,36 +14,36 @@ spec:
|
||||||
app: postgres
|
app: postgres
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: postgres
|
|
||||||
image: "postgres:13"
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
env:
|
|
||||||
- name: POSTGRES_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: postgresql
|
|
||||||
key: password
|
|
||||||
- name: POSTGRES_USER
|
|
||||||
value: headscale
|
|
||||||
ports:
|
|
||||||
- name: postgres
|
- name: postgres
|
||||||
protocol: TCP
|
image: "postgres:13"
|
||||||
containerPort: 5432
|
imagePullPolicy: IfNotPresent
|
||||||
livenessProbe:
|
env:
|
||||||
tcpSocket:
|
- name: POSTGRES_PASSWORD
|
||||||
port: 5432
|
valueFrom:
|
||||||
initialDelaySeconds: 30
|
secretKeyRef:
|
||||||
timeoutSeconds: 5
|
name: postgresql
|
||||||
periodSeconds: 15
|
key: password
|
||||||
volumeMounts:
|
- name: POSTGRES_USER
|
||||||
- name: pgdata
|
value: headscale
|
||||||
mountPath: /var/lib/postgresql/data
|
ports:
|
||||||
|
- name: postgres
|
||||||
|
protocol: TCP
|
||||||
|
containerPort: 5432
|
||||||
|
livenessProbe:
|
||||||
|
tcpSocket:
|
||||||
|
port: 5432
|
||||||
|
initialDelaySeconds: 30
|
||||||
|
timeoutSeconds: 5
|
||||||
|
periodSeconds: 15
|
||||||
|
volumeMounts:
|
||||||
|
- name: pgdata
|
||||||
|
mountPath: /var/lib/postgresql/data
|
||||||
volumeClaimTemplates:
|
volumeClaimTemplates:
|
||||||
- metadata:
|
- metadata:
|
||||||
name: pgdata
|
name: pgdata
|
||||||
spec:
|
spec:
|
||||||
storageClassName: local-path
|
storageClassName: local-path
|
||||||
accessModes: ["ReadWriteOnce"]
|
accessModes: ["ReadWriteOnce"]
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
|
|
|
@ -6,6 +6,6 @@ metadata:
|
||||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||||
spec:
|
spec:
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- $(PUBLIC_HOSTNAME)
|
- $(PUBLIC_HOSTNAME)
|
||||||
secretName: production-cert
|
secretName: production-cert
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
namespace: headscale
|
namespace: headscale
|
||||||
bases:
|
bases:
|
||||||
- ../base
|
- ../base
|
||||||
resources:
|
resources:
|
||||||
- production-issuer.yaml
|
- production-issuer.yaml
|
||||||
patches:
|
patches:
|
||||||
- path: ingress-patch.yaml
|
- path: ingress-patch.yaml
|
||||||
target:
|
target:
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
|
|
|
@ -11,6 +11,6 @@ spec:
|
||||||
# Secret resource used to store the account's private key.
|
# Secret resource used to store the account's private key.
|
||||||
name: letsencrypt-production-acc-key
|
name: letsencrypt-production-acc-key
|
||||||
solvers:
|
solvers:
|
||||||
- http01:
|
- http01:
|
||||||
ingress:
|
ingress:
|
||||||
class: traefik
|
class: traefik
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
namespace: headscale
|
namespace: headscale
|
||||||
bases:
|
bases:
|
||||||
- ../base
|
- ../base
|
||||||
resources:
|
resources:
|
||||||
- statefulset.yaml
|
- statefulset.yaml
|
||||||
|
|
|
@ -14,66 +14,66 @@ spec:
|
||||||
app: headscale
|
app: headscale
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: headscale
|
- name: headscale
|
||||||
image: "headscale:latest"
|
image: "headscale:latest"
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
command: ["/go/bin/headscale", "serve"]
|
command: ["/go/bin/headscale", "serve"]
|
||||||
env:
|
env:
|
||||||
- name: SERVER_URL
|
- name: SERVER_URL
|
||||||
value: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME)
|
value: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME)
|
||||||
- name: LISTEN_ADDR
|
- name: LISTEN_ADDR
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: headscale-config
|
name: headscale-config
|
||||||
key: listen_addr
|
key: listen_addr
|
||||||
- name: PRIVATE_KEY_PATH
|
- name: PRIVATE_KEY_PATH
|
||||||
value: /vol/secret/private-key
|
value: /vol/secret/private-key
|
||||||
- name: DERP_MAP_PATH
|
- name: DERP_MAP_PATH
|
||||||
value: /vol/config/derp.yaml
|
value: /vol/config/derp.yaml
|
||||||
- name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT
|
- name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: headscale-config
|
name: headscale-config
|
||||||
key: ephemeral_node_inactivity_timeout
|
key: ephemeral_node_inactivity_timeout
|
||||||
- name: DB_TYPE
|
- name: DB_TYPE
|
||||||
value: sqlite3
|
value: sqlite3
|
||||||
- name: DB_PATH
|
- name: DB_PATH
|
||||||
value: /vol/data/db.sqlite
|
value: /vol/data/db.sqlite
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
containerPort: 8080
|
containerPort: 8080
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
tcpSocket:
|
tcpSocket:
|
||||||
port: http
|
port: http
|
||||||
initialDelaySeconds: 30
|
initialDelaySeconds: 30
|
||||||
timeoutSeconds: 5
|
timeoutSeconds: 5
|
||||||
periodSeconds: 15
|
periodSeconds: 15
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: config
|
- name: config
|
||||||
mountPath: /vol/config
|
mountPath: /vol/config
|
||||||
- name: data
|
- name: data
|
||||||
mountPath: /vol/data
|
mountPath: /vol/data
|
||||||
- name: secret
|
- name: secret
|
||||||
mountPath: /vol/secret
|
mountPath: /vol/secret
|
||||||
- name: etc
|
- name: etc
|
||||||
mountPath: /etc/headscale
|
mountPath: /etc/headscale
|
||||||
volumes:
|
volumes:
|
||||||
- name: config
|
- name: config
|
||||||
configMap:
|
configMap:
|
||||||
name: headscale-site
|
name: headscale-site
|
||||||
- name: etc
|
- name: etc
|
||||||
configMap:
|
configMap:
|
||||||
name: headscale-etc
|
name: headscale-etc
|
||||||
- name: secret
|
- name: secret
|
||||||
secret:
|
secret:
|
||||||
secretName: headscale
|
secretName: headscale
|
||||||
volumeClaimTemplates:
|
volumeClaimTemplates:
|
||||||
- metadata:
|
- metadata:
|
||||||
name: data
|
name: data
|
||||||
spec:
|
spec:
|
||||||
storageClassName: local-path
|
storageClassName: local-path
|
||||||
accessModes: ["ReadWriteOnce"]
|
accessModes: ["ReadWriteOnce"]
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 1Gi
|
storage: 1Gi
|
||||||
|
|
|
@ -6,6 +6,6 @@ metadata:
|
||||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||||
spec:
|
spec:
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- $(PUBLIC_HOSTNAME)
|
- $(PUBLIC_HOSTNAME)
|
||||||
secretName: staging-cert
|
secretName: staging-cert
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
namespace: headscale
|
namespace: headscale
|
||||||
bases:
|
bases:
|
||||||
- ../base
|
- ../base
|
||||||
resources:
|
resources:
|
||||||
- staging-issuer.yaml
|
- staging-issuer.yaml
|
||||||
patches:
|
patches:
|
||||||
- path: ingress-patch.yaml
|
- path: ingress-patch.yaml
|
||||||
target:
|
target:
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
|
|
|
@ -11,6 +11,6 @@ spec:
|
||||||
# Secret resource used to store the account's private key.
|
# Secret resource used to store the account's private key.
|
||||||
name: letsencrypt-staging-acc-key
|
name: letsencrypt-staging-acc-key
|
||||||
solvers:
|
solvers:
|
||||||
- http01:
|
- http01:
|
||||||
ingress:
|
ingress:
|
||||||
class: traefik
|
class: traefik
|
||||||
|
|
Loading…
Reference in a new issue