-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvalues.yaml
146 lines (121 loc) · 3.03 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
replicaCount: 1
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext:
capabilities:
add:
- NET_ADMIN
privileged: true
networkPolicy:
# Specifies whether a network policy should be created
create: true
annotations: {}
# The name of the network policy to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
# Policy types
policyTypes:
# - Ingress
- Egress
# Policies for ingress and egress traffic.
# By default, we allow all ingress traffic and deny all egress traffic.
policies:
# ingress:
# - {}
egress: []
wireguard:
image:
repository: masipcat/wireguard-go
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
service:
type: LoadBalancer
port: 51820
# Specifies the cloud provider to set the appropriate predefined load balancer annotations (optional).
# At the moment, only DigitalOcean is supported. More providers to come.
provider: "DigitalOcean"
# Additional service annotations
annotations: {}
resources:
requests:
memory: 64Mi
cpu: "100m"
limits:
memory: 256Mi
cpu: "1"
# WireGuard environment variables
env:
- name: LOG_LEVEL
value: info
# Secret containing the WireGuard private key
privateKey:
secret:
name: wireguard-private-key
# Subnet mask used for the WireGuard interface
subnet: "10.44.0.0/16"
# MTU for the WireGuard interface
mtu: 1400
# List of peers
peers:
# - publicKey: "and3Fer174+pKVx8d0wCeVRf9MScXW3MypIAp4KLZWE="
# endpoint: 147.225.27.29:51821
# allowedIPs: "10.44.0.2/32"
# persistentKeepalive: 25
echoServer:
# Echo server is used to mock the TCP health check port for the load balancers which don't support UDP health checks
enabled: true
image:
repository: hashicorp/http-echo
pullPolicy: IfNotPresent
tag: "latest"
container:
port: 5678
command: []
args: ["-text=OK"]
env: []
service:
port: 80
resources:
requests:
memory: 64Mi
cpu: "100m"
limits:
memory: 256Mi
cpu: "100m"
ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}