apiVersion: apps/v1 kind: StatefulSet metadata: name: headscale spec: serviceName: headscale replicas: 1 selector: matchLabels: app: headscale template: metadata: labels: app: headscale spec: containers: - name: headscale image: "headscale:latest" imagePullPolicy: IfNotPresent command: ["/go/bin/headscale", "serve"] env: - name: SERVER_URL value: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME) - name: LISTEN_ADDR valueFrom: configMapKeyRef: name: headscale-config key: listen_addr - name: METRICS_LISTEN_ADDR valueFrom: configMapKeyRef: name: headscale-config key: metrics_listen_addr - name: METRICS_ENABLED valueFrom: configMapKeyRef: name: headscale-config key: metrics_enabled - name: DERP_MAP_PATH value: /vol/config/derp.yaml - name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT valueFrom: configMapKeyRef: name: headscale-config key: ephemeral_node_inactivity_timeout - name: DB_TYPE value: sqlite3 - name: DB_PATH value: /vol/data/db.sqlite ports: - name: http protocol: TCP containerPort: 8080 livenessProbe: tcpSocket: port: http initialDelaySeconds: 30 timeoutSeconds: 5 periodSeconds: 15 volumeMounts: - name: config mountPath: /vol/config - name: data mountPath: /vol/data - name: secret mountPath: /vol/secret - name: etc mountPath: /etc/headscale volumes: - name: config configMap: name: headscale-site - name: etc configMap: name: headscale-etc - name: secret secret: secretName: headscale volumeClaimTemplates: - metadata: name: data spec: storageClassName: local-path accessModes: ["ReadWriteOnce"] resources: requests: storage: 1Gi