apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: headscale
spec:
  serviceName: headscale
  replicas: 1
  selector:
    matchLabels:
      app: headscale
  template:
    metadata:
      labels:
        app: headscale
    spec:
      containers:
      - name: headscale
        image: "headscale:latest"
        imagePullPolicy: IfNotPresent
        command: ["/go/bin/headscale", "serve"]
        env:
        - name: SERVER_URL
          value: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME)
        - name: LISTEN_ADDR
          valueFrom:
            configMapKeyRef:
              name: headscale-config
              key: listen_addr
        - name: PRIVATE_KEY_PATH
          value: /vol/secret/private-key
        - name: DERP_MAP_PATH
          value: /vol/config/derp.yaml
        - name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT
          valueFrom:
            configMapKeyRef:
              name: headscale-config
              key: ephemeral_node_inactivity_timeout
        - name: DB_TYPE
          value: sqlite3
        - name: DB_PATH
          value: /vol/data/db.sqlite
        ports:
        - name: http
          protocol: TCP
          containerPort: 8080
        livenessProbe:
          tcpSocket:
            port: http
          initialDelaySeconds: 30
          timeoutSeconds: 5
          periodSeconds: 15
        volumeMounts:
        - name: config
          mountPath: /vol/config
        - name: data
          mountPath: /vol/data
        - name: secret
          mountPath: /vol/secret
        - name: etc
          mountPath: /etc/headscale
      volumes:
      - name: config
        configMap:
          name: headscale-site
      - name: etc
        configMap:
          name: headscale-etc
      - name: secret
        secret:
          secretName: headscale
  volumeClaimTemplates:
  - metadata:
      name: data
    spec:
      storageClassName: local-path
      accessModes: ["ReadWriteOnce"]
      resources:
        requests:
          storage: 1Gi