apiVersion: apps/v1 kind: Deployment metadata: name: headscale labels: app.kubernetes.io/instance: headscale app.kubernetes.io/name: headscale spec: revisionHistoryLimit: 3 replicas: 1 strategy: type: Recreate selector: matchLabels: app.kubernetes.io/name: headscale app.kubernetes.io/instance: headscale template: metadata: labels: app.kubernetes.io/name: headscale app.kubernetes.io/instance: headscale spec: serviceAccountName: default automountServiceAccountToken: true dnsPolicy: ClusterFirst enableServiceLinks: true containers: - name: headscale image: ghcr.io/juanfont/headscale:v0.25.1 imagePullPolicy: Always args: - serve - --config=/etc/headscale/cfg/headscale.yaml resources: limits: cpu: "500m" memory: "512Mi" requests: cpu: "100m" memory: "256Mi" ports: - name: http containerPort: 8000 protocol: TCP - name: metrics containerPort: 9090 protocol: TCP - name: grpc containerPort: 50443 protocol: TCP volumeMounts: - name: config mountPath: /etc/headscale - name: secret mountPath: /etc/headscale/cfg livenessProbe: failureThreshold: 3 initialDelaySeconds: 0 periodSeconds: 10 tcpSocket: port: 8000 timeoutSeconds: 1 readinessProbe: failureThreshold: 3 initialDelaySeconds: 0 periodSeconds: 10 tcpSocket: port: 8000 timeoutSeconds: 1 startupProbe: failureThreshold: 30 initialDelaySeconds: 0 periodSeconds: 5 tcpSocket: port: 8000 timeoutSeconds: 1 volumes: - name: config persistentVolumeClaim: claimName: headscale-config - name: secret secret: secretName: headscale