fix(headscale): derp support (with embedded server)

2023-08-23 00:38:09 +02:00 · 2023-08-23 00:38:09 +02:00 · 40c86767a2
commit 40c86767a2
parent ffb0ada586
4 changed files with 45 additions and 1 deletions
--- a/headscale/Chart.yaml
+++ b/headscale/Chart.yaml
@ -3,7 +3,7 @@ name: headscale
 description: An open source, self-hosted implementation of the Tailscale control server.
 icon: https://raw.githubusercontent.com/juanfont/headscale/56a7b1e34952c3e0306a134b2be9b4277f5d8d6e/docs/logo/headscale3-dots.svg
 type: application
-version: 0.1.1
+version: 0.2.0
 appVersion: "0.22.3"
 keywords:
  - headscale
--- a/headscale/templates/deployment.yaml
+++ b/headscale/templates/deployment.yaml
@ -47,6 +47,11 @@ spec:
            - name: grpc
              containerPort: {{ .Values.service.port.grpc }}
              protocol: TCP
+            {{- if .Values.headscale.config.derp.server.enabled }}
+            - name: derp
+              containerPort: {{ .Values.service.derp.port }}
+              protocol: UDP
+            {{- end }}
          livenessProbe:
            httpGet:
              path: /health
--- a/headscale/templates/service.yaml
+++ b/headscale/templates/service.yaml
@ -25,3 +25,25 @@ spec:
      name: grpc
  selector:
    {{- include "headscale.selectorLabels" . | nindent 4 }}
+{{- if .Values.headscale.config.derp.server.enabled }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "headscale.fullname" . }}-derp
+  labels:
+    {{- include "headscale.labels" . | nindent 4 }}
+  {{- with .Values.service.derp.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4}}
+  {{- end }}
+spec:
+  type: {{ .Values.service.derp.type }}
+  ports:
+    - port: {{ .Values.service.derp.port }}
+      targetPort: derp
+      protocol: UDP
+      name: derp
+  selector:
+    {{- include "headscale.selectorLabels" . | nindent 4 }}
+{{- end }}
--- a/headscale/values.yaml
+++ b/headscale/values.yaml
@ -58,6 +58,18 @@ headscale:
    ## Use already defined certificates:
    tls_cert_path: "/etc/headscale/certs/tls.crt"
    tls_key_path: "/etc/headscale/certs/tls.key"
+    derp:
+      server:
+        enabled: true
+        region_id: 999
+        region_code: "headscale"
+        region_name: "Headscale Embedded DERP"
+        stun_listen_addr: "0.0.0.0:3478"
+      urls: []
+      # - https://controlplane.tailscale.com/derpmap/default
+      paths: []
+      # auto_update_enabled: true
+      update_frequency: 24h

 prometheus:
  servicemonitor:
@ -135,6 +147,11 @@ service:
    http: 8080
    metrics: 9090
    grpc: 50443
+  derp:
+    # just if headscale.config.derp.server.enabled
+    type: LoadBalancer
+    annotations:
+    port: 3478

 ingress:
  enabled: false