commit

helm/templates/deployment.yaml

@@ -18,11 +18,15 @@ spec:
       labels:
         {{- include "openvpn.selectorLabels" . | nindent 8 }}
     spec:
+      securityContext:
+        sysctls:
+        - name: net.ipv4.ip_forward
+          value: "1"
       {{- if .Values.registry_secret_data }}
       imagePullSecrets:
       - name: {{ include "openvpn.fullname" . }}-registry-secret
       {{- end }}
-      hostNetwork: true
+#      hostNetwork: true
       {{- if .Values.openvpn.scripts.initscript }}
       initContainers:
         - name: {{ .Chart.Name }}-init
@@ -36,6 +40,7 @@ spec:
             capabilities:
               add:
                 - NET_ADMIN
+                - MKNOD
       {{- end }}
       containers:
         - name: {{ .Chart.Name }}
@@ -55,6 +60,7 @@ spec:
             capabilities:
               add:
                 - NET_ADMIN
+                - MKNOD
           image: "{{ .Values.openvpn.image }}:{{ .Values.openvpn.tag | default "latest" }}"
           imagePullPolicy: {{ .Values.openvpn.pullPolicy }}
           env:
@@ -89,6 +95,7 @@ spec:
             capabilities:
               add:
                 - NET_ADMIN
+                - MKNOD
         {{- end }}
       volumes:
       - name: keys