dvirlabs/my-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
my-apps/charts/common/templates/addons/_tailscale.tpl
dvirlabs fc5a2c354b Back to old ver
2025-08-24 00:09:37 +03:00

57 lines
2.2 KiB
Smarty
Raw Blame History

{{/*
Template to render VPN addon
It will include / inject the required templates based on the given values.
*/}}
{{- define "tc.v1.common.addon.tailscale" -}}
{{- $ts := $.Values.addons.tailscale -}}
{{- if $ts.enabled -}}
{{- $secContext := dict -}}
{{- $_ := set $secContext "runAsUser" 0 -}}
{{- $_ := set $secContext "runAsGroup" 0 -}}
{{- $_ := set $secContext "runAsNonRoot" true -}}
{{- $_ := set $secContext "readOnlyRootFilesystem" false -}}
{{- if and $ts.container.env ($ts.container.env.TS_USERSPACE) -}}
{{- $_ := set $secContext "runAsUser" 1000 -}}
{{- $_ := set $secContext "runAsGroup" 1000 -}}
{{- $_ := set $secContext "runAsNonRoot" false -}}
{{- $_ := set $secContext "readOnlyRootFilesystem" true -}}
{{- end -}}
{{- $newSecContext := $ts.container.securityContext -}}
{{- $newSecContext = mustMergeOverwrite $newSecContext $secContext -}}
{{- $_ := set $ts.container "securityContext" $newSecContext -}}
{{- $targetSelector := list "main" -}}
{{- if $ts.targetSelector -}}
{{- $targetSelector = $ts.targetSelector -}}
{{- end -}}
{{/* Append the vpn container to the workloads */}}
{{- range $targetSelector -}}
{{/* FIXME: https://github.com/tailscale/tailscale/issues/8188 */}}
{{- $workload := get $.Values.workload . -}}
{{- $_ := set $workload.podSpec "automountServiceAccountToken" true -}}
{{- $_ := set $workload.podSpec.containers "tailscale" $ts.container -}}
{{- end -}}
{{- $persistence := $.Values.persistence.tailscalestate | default dict -}}
{{- $_ := set $persistence "enabled" true -}}
{{- if not $persistence.type -}}
{{- $_ := set $persistence "type" "emptyDir" -}}
{{- end -}}
{{- if not $persistence.targetSelector -}}
{{- $_ := set $persistence "targetSelector" dict -}}
{{- end -}}
{{- $selectorValue := (dict "tailscale" (dict "mountPath" "/var/lib/tailscale")) -}}
{{- range $targetSelector -}}
{{- $_ := set $persistence.targetSelector . $selectorValue -}}
{{- end -}}
{{/* Append the empty dir tailscale to the persistence */}}
{{- $_ := set $.Values.persistence "tailscalestate" $persistence -}}
{{- end -}}
{{- end -}}
Reference in New Issue View Git Blame Copy Permalink