apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "openvpn.fullname" . }} labels: {{- include "openvpn.labels" . | nindent 4 }} spec: replicas: 1 selector: matchLabels: {{- include "openvpn.selectorLabels" . | nindent 6 }} template: metadata: {{- with .Values.openvpn.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "openvpn.selectorLabels" . | nindent 8 }} spec: {{- if .Values.registry_secret_data }} imagePullSecrets: - name: {{ include "openvpn.fullname" . }}-registry-secret {{- end }} hostNetwork: true containers: - name: {{ .Chart.Name }} {{- if .Values.openvpn.scripts.startscript }} command: ["/scripts/startscript"] {{- end }} {{- if .Values.openvpn.scripts.healthcheck }} livenessProbe: exec: command: - /scripts/healthcheck initialDelaySeconds: 20 periodSeconds: 60 failureThreshold: 5 {{- end }} securityContext: capabilities: add: - NET_ADMIN image: "{{ .Values.openvpn.image }}:{{ .Values.openvpn.tag | default "latest" }}" imagePullPolicy: {{ .Values.openvpn.pullPolicy }} env: - name: TZ value: Europe/Moscow resources: {{- toYaml .Values.openvpn.resources | nindent 12 }} volumeMounts: - name: keys mountPath: /etc/openvpn/keys/ - name: ccd mountPath: /etc/openvpn/ccd/ - name: configuration mountPath: /etc/openvpn/configuration/ {{- if .Values.openvpn.scripts }} - name: scripts mountPath: /scripts/ {{- end }} volumes: - name: keys secret: secretName: {{ include "openvpn.fullname" . }}-keys - name: ccd configMap: name: {{ include "openvpn.fullname" . }}-ccd - name: configuration configMap: name: {{ include "openvpn.fullname" . }}-configuration {{- if .Values.openvpn.scripts }} - name: scripts configMap: name: {{ include "openvpn.fullname" . }}-scripts defaultMode: 0755 {{- end }}