media: add gluetun (AirVPN wireguard) with proxy service

helm-values/gluetun_values.yaml

@@ -0,0 +1,87 @@
+replicaCount: 1
+
+image:
+  repository: qmcgaw/gluetun
+  tag: "latest"
+  pullPolicy: Always
+
+env:
+  - name: VPN_SERVICE_PROVIDER
+    value: "airvpn"
+  - name: VPN_TYPE
+    value: "wireguard"
+  - name: WIREGUARD_PRIVATE_KEY
+    valueFrom:
+      secretKeyRef:
+        name: gluetun-wireguard
+        key: WIREGUARD_PRIVATE_KEY
+  - name: WIREGUARD_ADDRESSES
+    valueFrom:
+      secretKeyRef:
+        name: gluetun-wireguard
+        key: WIREGUARD_ADDRESSES
+  - name: SERVER_HOSTNAMES
+    value: "REPLACE_ME"
+  - name: HTTPPROXY
+    value: "on"
+  - name: HTTPPROXY_LOG
+    value: "off"
+  - name: FIREWALL_INPUT_PORTS
+    value: "8888"
+  - name: TZ
+    value: "Europe/Amsterdam"
+
+secret:
+  create: true
+  name: gluetun-wireguard
+  privateKey: "REPLACE_ME"
+  addresses: "REPLACE_ME"
+
+service:
+  type: ClusterIP
+  port: 8888
+
+volumes:
+  - name: dev-tun
+    hostPath:
+      path: /dev/net/tun
+
+volumeMounts:
+  - name: dev-tun
+    mountPath: "/dev/net/tun"
+
+securityContext:
+  allowPrivilegeEscalation: false
+  capabilities:
+    add:
+      - NET_ADMIN
+
+livenessProbe:
+  tcpSocket:
+    port: 8888
+  initialDelaySeconds: 10
+  periodSeconds: 20
+  timeoutSeconds: 2
+  failureThreshold: 3
+
+readinessProbe:
+  tcpSocket:
+    port: 8888
+  initialDelaySeconds: 5
+  periodSeconds: 10
+  timeoutSeconds: 2
+  failureThreshold: 3
+
+resources:
+  requests:
+    memory: 128Mi
+    cpu: 100m
+  limits:
+    memory: 512Mi
+    cpu: 500m
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}