master-group/charts
2
0
Fork 0
mirror of https://github.com/k8s-at-home/charts.git synced 2025-02-03 07:49:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

[common] Use k8s-at-home wireguard image (#140)

Browse Source
This commit is contained in:
Bernd Schörgers 2020-11-11 19:26:31 +01:00 committed by GitHub
parent 407949920e
commit 62955c1d38
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 28 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
charts/common/Chart.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v2
name: common name: common
description: Function library for k8s-at-home charts description: Function library for k8s-at-home charts
type: library type: library
version: 1.1.0 version: 1.2.0
keywords: keywords:
- k8s-at-home - k8s-at-home
- common - common

12
charts/common/templates/addons/vpn/openvpn/_container.tpl
View File

@ -5,15 +5,15 @@ The OpenVPN container(s) to be inserted
name: openvpn name: openvpn
image: "{{ .Values.addons.vpn.openvpn.image.repository }}:{{ .Values.addons.vpn.openvpn.image.tag }}" image: "{{ .Values.addons.vpn.openvpn.image.repository }}:{{ .Values.addons.vpn.openvpn.image.tag }}"
imagePullPolicy: {{ .Values.addons.vpn.imagePullPolicy }} imagePullPolicy: {{ .Values.addons.vpn.imagePullPolicy }}
{{- with .Values.addons.vpn.securityContext }}
securityContext: securityContext:
capabilities: {{- toYaml . | nindent 2 }}
add: {{- end }}
- NET_ADMIN
{{- with .Values.addons.vpn.env }} {{- with .Values.addons.vpn.env }}
env: env:
{{- range $k, $v := . }} {{- range $k, $v := . }}
- name: {{ $k }} - name: {{ $k }}
value: {{ $v }} value: {{ $v | quote }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if or .Values.addons.vpn.openvpn.auth .Values.addons.vpn.openvpn.authSecret }} {{- if or .Values.addons.vpn.openvpn.auth .Values.addons.vpn.openvpn.authSecret }}
@ -52,10 +52,10 @@ volumeMounts:
{{- end }} {{- end }}
{{- with .Values.addons.vpn.livenessProbe }} {{- with .Values.addons.vpn.livenessProbe }}
livenessProbe: livenessProbe:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 2 }}
{{- end -}} {{- end -}}
{{- with .Values.addons.vpn.resources }} {{- with .Values.addons.vpn.resources }}
resources: resources:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 2 }}
{{- end }} {{- end }}
{{- end -}} {{- end -}}

2
charts/common/templates/addons/vpn/wireguard/_addon.tpl
View File

@ -3,7 +3,7 @@ Template to render Wireguard addon
*/}} */}}
{{- define "common.addon.wireguard" -}} {{- define "common.addon.wireguard" -}}
{{/* Append the Wireguard container to the additionalContainers */}} {{/* Append the Wireguard container to the additionalContainers */}}
{{- $container := include "common.addon.wireguard.container" . | fromYaml -}} {{- $container := fromYaml (include "common.addon.wireguard.container" .) -}}
{{- if $container -}} {{- if $container -}}
{{- $additionalContainers := append .Values.additionalContainers $container -}} {{- $additionalContainers := append .Values.additionalContainers $container -}}
{{- $_ := set .Values "additionalContainers" $additionalContainers -}} {{- $_ := set .Values "additionalContainers" $additionalContainers -}}

16
charts/common/templates/addons/vpn/wireguard/_container.tpl
View File

@ -5,24 +5,22 @@ The Wireguard container(s) to be inserted
name: wireguard name: wireguard
image: "{{ .Values.addons.vpn.wireguard.image.repository }}:{{ .Values.addons.vpn.wireguard.image.tag }}" image: "{{ .Values.addons.vpn.wireguard.image.repository }}:{{ .Values.addons.vpn.wireguard.image.tag }}"
imagePullPolicy: {{ .Values.addons.vpn.imagePullPolicy }} imagePullPolicy: {{ .Values.addons.vpn.imagePullPolicy }}
{{- with .Values.addons.vpn.securityContext }}
securityContext: securityContext:
privileged: true {{- toYaml . | nindent 2 }}
capabilities: {{- end }}
add:
- NET_ADMIN
- SYS_MODULE
{{- with .Values.addons.vpn.env }} {{- with .Values.addons.vpn.env }}
env: env:
{{- range $k, $v := . }} {{- range $k, $v := . }}
- name: {{ $k }} - name: {{ $k }}
value: {{ $v }} value: {{ $v | quote }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down .Values.addons.vpn.additionalVolumeMounts .Values.persistence.shared.enabled }} {{- if or .Values.addons.vpn.configFile .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down .Values.addons.vpn.additionalVolumeMounts .Values.persistence.shared.enabled }}
volumeMounts: volumeMounts:
{{- if .Values.addons.vpn.configFile }} {{- if .Values.addons.vpn.configFile }}
- name: vpnconfig - name: vpnconfig
mountPath: /config/wg0.conf mountPath: /etc/wireguard/wg0.conf
subPath: vpnConfigfile subPath: vpnConfigfile
{{- end }} {{- end }}
{{- if .Values.addons.vpn.scripts.up }} {{- if .Values.addons.vpn.scripts.up }}
@ -45,10 +43,10 @@ volumeMounts:
{{- end }} {{- end }}
{{- with .Values.addons.vpn.livenessProbe }} {{- with .Values.addons.vpn.livenessProbe }}
livenessProbe: livenessProbe:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 2 }}
{{- end -}} {{- end -}}
{{- with .Values.addons.vpn.resources }} {{- with .Values.addons.vpn.resources }}
resources: resources:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 2 }}
{{- end }} {{- end }}
{{- end -}} {{- end -}}

6
charts/common/templates/lib/controller/_volumes.tpl
View File

@ -6,15 +6,15 @@ volumes included by the controller
{{- if $persistence.enabled }} {{- if $persistence.enabled }}
- name: {{ $index }} - name: {{ $index }}
{{- if $persistence.existingClaim }} {{- if $persistence.existingClaim }}
{{/* Always prefer an existingClaim if that is set */}} {{- /* Always prefer an existingClaim if that is set */}}
persistentVolumeClaim: persistentVolumeClaim:
claimName: {{ $persistence.existingClaim }} claimName: {{ $persistence.existingClaim }}
{{- else -}} {{- else -}}
{{- if $persistence.emptyDir -}} {{- if $persistence.emptyDir -}}
{{/* Always prefer an emptyDir next if that is set */}} {{- /* Always prefer an emptyDir next if that is set */}}
emptyDir: {} emptyDir: {}
{{- else -}} {{- else -}}
{{/* Otherwise refer to the PVC name */}} {{- /* Otherwise refer to the PVC name */}}
persistentVolumeClaim: persistentVolumeClaim:
{{- if $persistence.nameSuffix }} {{- if $persistence.nameSuffix }}
claimName: {{ printf "%s-%s" (include "common.names.fullname" $) $persistence.nameSuffix }} claimName: {{ printf "%s-%s" (include "common.names.fullname" $) $persistence.nameSuffix }}

13
charts/common/values.yaml
View File

@ -154,14 +154,21 @@ addons:
# under the VPN_AUTH key # under the VPN_AUTH key
authSecret: # my-vpn-secret authSecret: # my-vpn-secret
# OpenVPN specific configuration # WireGuard specific configuration
wireguard: wireguard:
image: image:
repository: linuxserver/wireguard repository: k8sathome/wireguard
tag: version-v1.0.20200827 tag: 1.0.20200827
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
# Set the VPN container securityContext
securityContext:
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
# All variables specified here will be added to the vpn sidecar container # All variables specified here will be added to the vpn sidecar container
# See the documentation of the VPN image for all config values # See the documentation of the VPN image for all config values
env: {} env: {}