-
Janne Mareike Koschinski authoredJanne Mareike Koschinski authored
deployment.yaml 2.55 KiB
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "wg-access-server-helm.fullname" . }}
labels:
{{- include "wg-access-server-helm.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "wg-access-server-helm.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "wg-access-server-helm.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
volumes:
- name: tun
hostPath:
type: 'CharDevice'
path: /dev/net/tun
- name: data
{{- .Values.volume | nindent 10 }}
- name: config
configMap:
name: {{ include "wg-access-server-helm.fullname" . }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
envFrom:
- secretRef:
name: {{ include "wg-access-server-helm.fullname" . }}
ports:
- name: http
containerPort: 8000
protocol: TCP
- name: wireguard
containerPort: 51820
protocol: UDP
startupProbe:
httpGet:
path: /
port: http
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- name: tun
mountPath: /dev/net/tun
- mountPath: "/config.yaml"