59 lines
1.2 KiB
YAML
59 lines
1.2 KiB
YAML
|
image:
|
||
|
|
repository: ghcr.io/k8s-at-home/wireguard
|
||
|
|
tag: v1.0.20210914@sha256:4dd54954cbd06d92d8c8fc6b10871eb07a0c1869edfe7a15029f1a7d3178d432
|
||
|
|
pullPolicy: IfNotPresent
|
||
|
|
wg:
|
||
|
|
killswitch: false
|
||
|
|
excludedIP4networks: []
|
||
|
|
excludedIP6networks: []
|
||
|
|
# Leave empty if you going to use the paste your config bellow
|
||
|
|
configFileHostPath: ""
|
||
|
|
config:
|
||
|
|
enabled: false
|
||
|
|
# Your wg config here eg:
|
||
|
|
data: |
|
||
|
|
[Interface]
|
||
|
|
Address = 10.0.0.1/24
|
||
|
|
ListenPort = 51820
|
||
|
|
PrivateKey = PRIVATE_KEY
|
||
|
|
|
||
|
|
[Peer]
|
||
|
|
PublicKey = PUBLIC_KEY
|
||
|
|
AllowedIPs = 0.0.0.0/0
|
||
|
|
Endpoint = wg.example:51820
|
||
|
|
service:
|
||
|
|
main:
|
||
|
|
ports:
|
||
|
|
main:
|
||
|
|
port: 51821
|
||
|
|
targetPort: 51820
|
||
|
|
protocol: udp
|
||
|
|
portal:
|
||
|
|
open:
|
||
|
|
enabled: false
|
||
|
|
securityContext:
|
||
|
|
container:
|
||
|
|
runAsNonRoot: false
|
||
|
|
readOnlyRootFilesystem: false
|
||
|
|
capabilities:
|
||
|
|
add:
|
||
|
|
- NET_ADMIN
|
||
|
|
- SYS_MODULE
|
||
|
|
runAsUser: 0
|
||
|
|
runAsGroup: 0
|
||
|
|
workload:
|
||
|
|
main:
|
||
|
|
podSpec:
|
||
|
|
containers:
|
||
|
|
main:
|
||
|
|
probes:
|
||
|
|
liveness:
|
||
|
|
enabled: false
|
||
|
|
readiness:
|
||
|
|
enabled: false
|
||
|
|
startup:
|
||
|
|
enabled: false
|
||
|
|
envFrom:
|
||
|
|
- configMapRef:
|
||
|
|
name: "wg-env-config"
|