100 lines
2.6 KiB
YAML
100 lines
2.6 KiB
YAML
# Apply: kubectl apply -f manifests/network/gluetun-proxy.yaml
|
|
# Delete: kubectl delete -f manifests/network/gluetun-proxy.yaml
|
|
# Description: Standalone Gluetun HTTP proxy for browser traffic via PIA.
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: gluetun-proxy
|
|
namespace: downloads
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: gluetun-proxy
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: gluetun-proxy
|
|
spec:
|
|
containers:
|
|
- name: gluetun
|
|
image: qmcgaw/gluetun:latest
|
|
securityContext:
|
|
capabilities:
|
|
add:
|
|
- NET_ADMIN
|
|
env:
|
|
- name: VPN_SERVICE_PROVIDER
|
|
value: private internet access
|
|
- name: VPN_TYPE
|
|
value: openvpn
|
|
- name: SERVER_REGIONS
|
|
value: South Korea,Taiwan,Hong Kong
|
|
- name: OPENVPN_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: pia-credentials
|
|
key: OPENVPN_USER
|
|
- name: OPENVPN_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: pia-credentials
|
|
key: OPENVPN_PASSWORD
|
|
- name: HTTPPROXY
|
|
value: "on"
|
|
- name: HTTPPROXY_LISTENING_ADDRESS
|
|
value: "8888"
|
|
- name: HTTPPROXY_LOG
|
|
value: "off"
|
|
- name: FIREWALL_OUTBOUND_SUBNETS
|
|
value: "10.42.0.0/16,10.43.0.0/16,192.168.7.0/24"
|
|
- name: BLOCK_IPV6
|
|
value: "on"
|
|
ports:
|
|
- containerPort: 8888
|
|
startupProbe:
|
|
exec:
|
|
command:
|
|
- /gluetun-entrypoint
|
|
- healthcheck
|
|
periodSeconds: 10
|
|
failureThreshold: 18
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- /gluetun-entrypoint
|
|
- healthcheck
|
|
periodSeconds: 30
|
|
failureThreshold: 3
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- /gluetun-entrypoint
|
|
- healthcheck
|
|
periodSeconds: 10
|
|
failureThreshold: 3
|
|
volumeMounts:
|
|
- name: tun
|
|
mountPath: /dev/net/tun
|
|
volumes:
|
|
- name: tun
|
|
hostPath:
|
|
path: /dev/net/tun
|
|
type: CharDevice
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: gluetun-proxy
|
|
namespace: downloads
|
|
spec:
|
|
selector:
|
|
app: gluetun-proxy
|
|
type: NodePort
|
|
ports:
|
|
- name: httpproxy
|
|
port: 8888
|
|
targetPort: 8888
|
|
nodePort: 30888
|