apiVersion: apps/v1 kind: Deployment metadata: name: headscale spec: replicas: 2 selector: matchLabels: app: headscale template: metadata: labels: app: headscale spec: containers: - name: headscale image: "headscale:latest" imagePullPolicy: IfNotPresent command: ["/go/bin/headscale", "serve"] env: - name: SERVER_URL value: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME) - name: LISTEN_ADDR valueFrom: configMapKeyRef: name: headscale-config key: listen_addr - name: METRICS_LISTEN_ADDR valueFrom: configMapKeyRef: name: headscale-config key: metrics_listen_addr - name: METRICS_ENABLED valueFrom: configMapKeyRef: name: headscale-config key: metrics_enabled - name: DERP_MAP_PATH value: /vol/config/derp.yaml - name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT valueFrom: configMapKeyRef: name: headscale-config key: ephemeral_node_inactivity_timeout - name: DB_TYPE value: postgres - name: DB_HOST value: postgres.headscale.svc.cluster.local - name: DB_PORT value: "5432" - name: DB_USER value: headscale - name: DB_PASS valueFrom: secretKeyRef: name: postgresql key: password - name: DB_NAME value: headscale ports: - name: http protocol: TCP containerPort: 8080 livenessProbe: tcpSocket: port: http initialDelaySeconds: 30 timeoutSeconds: 5 periodSeconds: 15 volumeMounts: - name: config mountPath: /vol/config - name: secret mountPath: /vol/secret - name: etc mountPath: /etc/headscale volumes: - name: config configMap: name: headscale-site - name: etc configMap: name: headscale-etc - name: secret secret: secretName: headscale