jahanson/theshire
Archived
1
0
Fork 0
Code Issues 1 Pull requests 19 Projects Releases Packages Wiki Activity Actions

adding tailscale

Browse source
This commit is contained in:
Joseph Hanson 2025-01-06 00:39:46 -06:00
parent 2136232bd1
commit 5645cad7cb
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
6 changed files with 43 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
kubernetes/apps/tailscale/tailscale/cluster/connector.yaml
View file

@ -0,0 +1,14 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/tailscale.com/connector_v1alpha1.json
apiVersion: tailscale.com/v1alpha1
kind: Connector
metadata:
name: connector
spec:
hostname: theshire-connector
exitNode: true
proxyClass: kernel-org-tun
subnetRouter:
advertiseRoutes:
- "10.5.0.0/16" # load-balancers
- "10.4.0.0/16" # services

7
kubernetes/apps/tailscale/tailscale/cluster/kustomization.yaml Normal file
View file

@ -0,0 +1,7 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./connector.yaml
- ./proxyclass.yaml

1
kubernetes/apps/tailscale/tailscale/cluster/proxygroup.yaml → kubernetes/apps/tailscale/tailscale/cluster/proxyclass.yaml
View file

@ -1,4 +1,5 @@
--- ---
# yaml-language-server: $schema=https://ks.hsn.dev/tailscale.com/proxyclass_v1alpha1.json
apiVersion: tailscale.com/v1alpha1 apiVersion: tailscale.com/v1alpha1
kind: ProxyClass kind: ProxyClass
metadata: metadata:

5
kubernetes/apps/tailscale/tailscale/externalsecret.yaml → kubernetes/apps/tailscale/tailscale/operator/externalsecret.yaml
View file

@ -10,6 +10,11 @@ spec:
name: onepassword-connect name: onepassword-connect
target: target:
name: k8s-operator-oauth-secret name: k8s-operator-oauth-secret
template:
engineVersion: v2
data:
OAUTH_CLIENT_ID: "{{ .k8s-theshire-oauth-clientid }}"
OAUTH_CLIENT_SECRET: "{{ .k8s-theshire-oauth-clientsecret }}"
dataFrom: dataFrom:
- extract: - extract:
key: k8s-operator-oauth key: k8s-operator-oauth

9
kubernetes/apps/tailscale/tailscale/operator/helmrelease.yaml
View file

@ -20,6 +20,15 @@ spec:
crds: CreateReplace crds: CreateReplace
upgrade: upgrade:
crds: CreateReplace crds: CreateReplace
valuesFrom:
- kind: Secret
name: k8s-operator-oauth-secret
valuesKey: OAUTH_CLIENT_ID
targetPath: oauth.clientId
- kind: Secret
name: k8s-operator-oauth-secret
valuesKey: OAUTH_CLIENT_SECRET
targetPath: oauth.clientSecret
values: values:
operatorConfig: operatorConfig:
defaultTags: defaultTags:

7
kubernetes/apps/tailscale/tailscale/operator/kustomization.yaml Normal file
View file

@ -0,0 +1,7 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./externalsecret.yaml
- ./helmrelease.yaml