feat: add Gluetun proxy deployment and service configuration
This commit is contained in:
parent
c39ae7bd3c
commit
5fde45b374
78
manifests/network/gluetun-proxy.yaml
Normal file
78
manifests/network/gluetun-proxy.yaml
Normal file
@ -0,0 +1,78 @@
|
|||||||
|
# Apply: kubectl apply -f manifests/network/gluetun-proxy.yaml
|
||||||
|
# Delete: kubectl delete -f manifests/network/gluetun-proxy.yaml
|
||||||
|
# Description: Standalone Gluetun HTTP proxy for browser traffic via PIA.
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: gluetun-proxy
|
||||||
|
namespace: downloads
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: gluetun-proxy
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: gluetun-proxy
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: gluetun
|
||||||
|
image: qmcgaw/gluetun:latest
|
||||||
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
add:
|
||||||
|
- NET_ADMIN
|
||||||
|
env:
|
||||||
|
- name: VPN_SERVICE_PROVIDER
|
||||||
|
value: private internet access
|
||||||
|
- name: VPN_TYPE
|
||||||
|
value: openvpn
|
||||||
|
- name: SERVER_REGIONS
|
||||||
|
value: Hong Kong
|
||||||
|
- name: OPENVPN_USER
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: pia-credentials
|
||||||
|
key: OPENVPN_USER
|
||||||
|
- name: OPENVPN_PASSWORD
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: pia-credentials
|
||||||
|
key: OPENVPN_PASSWORD
|
||||||
|
- name: HTTPPROXY
|
||||||
|
value: "on"
|
||||||
|
- name: HTTPPROXY_PORT
|
||||||
|
value: "8888"
|
||||||
|
- name: HTTPPROXY_LOG
|
||||||
|
value: "off"
|
||||||
|
- name: FIREWALL_OUTBOUND_SUBNETS
|
||||||
|
value: "10.42.0.0/16,10.43.0.0/16,192.168.7.0/24"
|
||||||
|
- name: BLOCK_IPV6
|
||||||
|
value: "on"
|
||||||
|
ports:
|
||||||
|
- containerPort: 8888
|
||||||
|
volumeMounts:
|
||||||
|
- name: tun
|
||||||
|
mountPath: /dev/net/tun
|
||||||
|
volumes:
|
||||||
|
- name: tun
|
||||||
|
hostPath:
|
||||||
|
path: /dev/net/tun
|
||||||
|
type: CharDevice
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: gluetun-proxy
|
||||||
|
namespace: downloads
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
app: gluetun-proxy
|
||||||
|
type: NodePort
|
||||||
|
ports:
|
||||||
|
- name: httpproxy
|
||||||
|
port: 8888
|
||||||
|
targetPort: 8888
|
||||||
|
nodePort: 30888
|
||||||
Loading…
x
Reference in New Issue
Block a user