Real sidecar perhaps with manual start
Signed-off-by: Martyn Ranyard <m@rtyn.berlin>
This commit is contained in:
parent
3c3107b021
commit
f709eec878
1 changed files with 19 additions and 34 deletions
|
|
@ -16,10 +16,28 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
initContainers:
|
initContainers:
|
||||||
- image: ghcr.io/tailscale/tailscale:v1.80.3
|
- image: ghcr.io/tailscale/tailscale:v1.80.3
|
||||||
|
restartPolicy: Always # Sidecar
|
||||||
|
env:
|
||||||
|
- name: TS_KUBE_SECRET
|
||||||
|
value: tailscale
|
||||||
|
- name: TS_USERSPACE
|
||||||
|
value: "false"
|
||||||
|
- name: TS_OUTBOUND_HTTP_PROXY_LISTEN
|
||||||
|
value: "localhost:1055"
|
||||||
|
- name: TS_SOCKS5_SERVER
|
||||||
|
value: "localhost:1055"
|
||||||
|
- name: TS_EXTRA_ARGS
|
||||||
|
value: "--exit-node=100.90.55.121"
|
||||||
|
- name: TS_AUTHKEY
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
key: TS_AUTHKEY
|
||||||
|
name: tailscale-auth
|
||||||
|
optional: true
|
||||||
command:
|
command:
|
||||||
- /bin/sh
|
- /bin/sh
|
||||||
- -c
|
- -c
|
||||||
- mkdir -p /persist/var/lib/tailscale; touch /run/xtables.lock
|
- while sleep 1; do echo '.'; done
|
||||||
name: ts-prep
|
name: ts-prep
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsGroup: 0
|
runAsGroup: 0
|
||||||
|
|
@ -31,8 +49,6 @@ spec:
|
||||||
readOnly: true
|
readOnly: true
|
||||||
- mountPath: /persist
|
- mountPath: /persist
|
||||||
name: persist
|
name: persist
|
||||||
- mountPath: /run
|
|
||||||
name: runfolder
|
|
||||||
containers:
|
containers:
|
||||||
- image: qbittorrentofficial/qbittorrent-nox:latest
|
- image: qbittorrentofficial/qbittorrent-nox:latest
|
||||||
name: qbittorrent
|
name: qbittorrent
|
||||||
|
|
@ -57,23 +73,6 @@ spec:
|
||||||
value: "/config"
|
value: "/config"
|
||||||
- name: QBT_DOWNLOADS
|
- name: QBT_DOWNLOADS
|
||||||
value: "/downloads"
|
value: "/downloads"
|
||||||
- env:
|
|
||||||
- name: TS_KUBE_SECRET
|
|
||||||
value: tailscale
|
|
||||||
- name: TS_USERSPACE
|
|
||||||
value: "false"
|
|
||||||
- name: TS_OUTBOUND_HTTP_PROXY_LISTEN
|
|
||||||
value: "localhost:1055"
|
|
||||||
- name: TS_SOCKS5_SERVER
|
|
||||||
value: "localhost:1055"
|
|
||||||
- name: TS_EXTRA_ARGS
|
|
||||||
value: "--exit-node=100.90.55.121"
|
|
||||||
- name: TS_AUTHKEY
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: TS_AUTHKEY
|
|
||||||
name: tailscale-auth
|
|
||||||
optional: true
|
|
||||||
# livenessProbe:
|
# livenessProbe:
|
||||||
# exec:
|
# exec:
|
||||||
# command:
|
# command:
|
||||||
|
|
@ -82,20 +81,6 @@ spec:
|
||||||
# - 100.100.100.100
|
# - 100.100.100.100
|
||||||
# initialDelaySeconds: 120
|
# initialDelaySeconds: 120
|
||||||
# periodSeconds: 5
|
# periodSeconds: 5
|
||||||
image: ghcr.io/tailscale/tailscale:v1.80.3
|
|
||||||
name: ts-sidecar
|
|
||||||
securityContext:
|
|
||||||
runAsGroup: 0
|
|
||||||
runAsUser: 0
|
|
||||||
privileged: true
|
|
||||||
volumeMounts:
|
|
||||||
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
|
|
||||||
name: kube-api-access-t4rzn
|
|
||||||
readOnly: true
|
|
||||||
- mountPath: /persist
|
|
||||||
name: persist
|
|
||||||
- mountPath: /run
|
|
||||||
name: runfolder
|
|
||||||
preemptionPolicy: PreemptLowerPriority
|
preemptionPolicy: PreemptLowerPriority
|
||||||
priority: 0
|
priority: 0
|
||||||
serviceAccountName: tailscale
|
serviceAccountName: tailscale
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue