also fix-up tailscale

This commit is contained in:
Kjeld Schouten-Lebbing
2023-02-18 21:34:21 +01:00
parent 26849c599f
commit 323478eddb
6 changed files with 17 additions and 46 deletions

View File

@@ -13,9 +13,5 @@ It will include / inject the required templates based on the given values.
{{- include "tc.v1.common.addon.tailscale" . }}
{{- end -}}
{{- if ne "tailscale" .Values.addons.vpn.type -}}
{{- $_ := set .Values.persistence "vpnconfig" .Values.addons.vpn.configFile -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -2,12 +2,10 @@
Template to render Tailscale addon. It will add the container to the list of additionalContainers.
*/}}
{{- define "tc.v1.common.addon.tailscale" -}}
{{/* Append the Tailscale container to the additionalContainers */}}
{{- $container := (include "tc.v1.common.addon.tailscale.container" . | fromYaml) -}}
{{- define "tc.v1.common.addon.vpn.tailscale" -}}
{{/* Append the code-server container to the additionalContainers */}}
{{- $container := include "tc.v1.common.addon.vpn.tailscale.container" . | fromYaml -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "tailscale" $container -}}
{{- include "tailscale.secret" . -}}
{{- $_ := set .Values.persistence (printf "%v-%v" .Release.Name "tailscale" ) (include "tailscale.addon.persistence" . | fromYaml) -}}
{{- $_ := set .Values.workload.main.podSpec.containers "vpn" $container -}}
{{- end -}}
{{- end -}}

View File

@@ -1,8 +1,7 @@
{{/*
The Tailscale sidecar container to be inserted.
*/}}
{{- define "tc.v1.common.addon.tailscale.container" -}}
{{- $secretName := printf "%s-tailscale-secret" (include "tc.v1.common.names.fullname" .) }}
{{- define "tc.v1.common.addon.vpn.tailscale.container" -}}
name: tailscale
imageSelector: "tailscaleImage"
imagePullPolicy: {{ .Values.tailscaleImage.pullPolicy }}
@@ -28,7 +27,7 @@ securityContext:
envFrom:
- secretRef:
name: {{ $secretName }}
name: tailscale-secret
{{/*
Set KUBE_SECRET to empty string to force tailscale
@@ -62,6 +61,9 @@ env:
{{- with .Values.addons.vpn.tailscale.daemon_extra_args }}
TS_TAILSCALED_EXTRA_ARGS: {{ . | quote }}
{{- end -}}
{{- with .Values.addons.vpn.tailscale.authkey }}
TS_AUTH_KEY: {{ . | b64enc }}
{{- end }}
{{- range $envList := .Values.addons.vpn.envList -}}
{{- if and $envList.name $envList.value }}
@@ -77,17 +79,9 @@ env:
{{- end -}}
{{- end }}
volumeMounts:
- mountPath: {{ .Values.persistence.shared.mountPath }}
name: shared
- mountPath: /var/lib/tailscale
name: {{ printf "%v-%v" .Release.Name "tailscale" }}
{{- with .Values.addons.vpn.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 2 }}
{{- end -}}
{{- with .Values.addons.vpn.resources }}
resources:
inherit: true
{{- end -}}
{{- end -}}

View File

@@ -1,6 +0,0 @@
{{- define "tailscale.addon.persistence" -}}
enabled: true
mountPath: /var/lib/tailscale
type: emptyDir
noMount: true
{{- end -}}

View File

@@ -1,17 +0,0 @@
{{/* Define the secret */}}
{{- define "tailscale.secret" -}}
{{- $secretName := printf "%s-tailscale-secret" (include "tc.v1.common.names.fullname" .) }}
---
{{/* This secrets are loaded on tailscale */}}
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: {{ $secretName }}
data:
{{- with .Values.addons.vpn.tailscale.authkey }}
TS_AUTH_KEY: {{ . | b64enc }}
{{- end }}
{{- end }}

View File

@@ -216,7 +216,13 @@ persistence:
main:
vpn:
mountPath: /vpn/mnt/
tailscale:
enabled: '{{ if eq .Values.addons.vpn.type "tailscale" }}'
type: emptyDir
targetSelector:
main:
vpn:
mountPath: /var/lib/tailscale
# -- Injected from SCALE middleware