sdsys
/
openvpn


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091
							apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "openvpn.fullname" . }}
  labels:
    {{- include "openvpn.labels" . | nindent 4 }}
spec:
  replicas: 1
  selector:
    matchLabels:
      {{- include "openvpn.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      annotations:
        checksum/config: {{ include (print $.Template.BasePath "/cm-configuration.yaml") . | sha256sum }}
        checksum/config2: {{ include (print $.Template.BasePath "/secret-keys.yaml") . | sha256sum }}
        checksum/config3: {{ include (print $.Template.BasePath "/cm-openvpnscripts.yaml") . | sha256sum }}
    {{- with .Values.openvpn.podAnnotations }}
        {{- toYaml . | nindent 8 }}
    {{- end }}
      labels:
        {{- include "openvpn.selectorLabels" . | nindent 8 }}
    spec:
      {{- if .Values.registry_secret_data }}
      imagePullSecrets:
      - name: {{ include "openvpn.fullname" . }}-registry-secret
      {{- end }}
      hostNetwork: true
      containers:
        - name: {{ .Chart.Name }}
          command: ["/scripts/startscript"]
          {{- if .Values.openvpn.healthcheck }}
          livenessProbe:
            exec:
              command:
              - /scripts/healthcheck
            initialDelaySeconds: 20
            periodSeconds: 60
            failureThreshold: 5
          {{- end }}
          securityContext:
            capabilities:
              add:
                - NET_ADMIN
                - MKNOD
          image: "{{ .Values.openvpn.image }}:{{ .Values.openvpn.tag | default "latest" }}"
          imagePullPolicy: {{ .Values.openvpn.pullPolicy }}
          env:
            - name: TZ
              value: Europe/Moscow          
          resources:
            {{- toYaml .Values.openvpn.resources | nindent 12 }}
          volumeMounts:
            - name: keys
              mountPath: /etc/openvpn/keys/
            - name: ccd
              mountPath: /etc/openvpn/ccd/
            - name: configuration
              mountPath: /etc/openvpn/configuration/
            - name: scripts
              mountPath: /scripts/
        - name: {{ .Chart.Name }}-stop
          image: "{{ .Values.openvpn.image }}:{{ .Values.openvpn.tag | default "latest" }}"
          imagePullPolicy: {{ .Values.openvpn.pullPolicy }}
          command: ["sleep","infinity"]
          lifecycle:
            preStop:
              exec:
                command: ["/bin/bash","-c","/scripts/stopscript"]
          volumeMounts:
            - name: scripts
              mountPath: /scripts/
          securityContext:
            capabilities:
              add:
                - NET_ADMIN
                - MKNOD
      volumes:
      - name: keys
        secret:
          secretName: {{ include "openvpn.fullname" . }}-keys
      - name: ccd
        configMap: 
          name: {{ include "openvpn.fullname" . }}-ccd
      - name: configuration
        configMap:
          name: {{ include "openvpn.fullname" . }}-configuration
      - name: scripts
        configMap:
          name: {{ include "openvpn.fullname" . }}-scripts
          defaultMode: 0755