media: add wireguard preshared key support
This commit is contained in:
gilgamezh
@@ -9,6 +9,7 @@ AirVPN WireGuard values:
|
|||||||
- `env.WIREGUARD_ADDRESSES` -> WireGuard tunnel address(es) (IPv4 /32 and optional IPv6)
|
- `env.WIREGUARD_ADDRESSES` -> WireGuard tunnel address(es) (IPv4 /32 and optional IPv6)
|
||||||
- `env.SERVER_HOSTNAMES` -> stable AirVPN server hostname
|
- `env.SERVER_HOSTNAMES` -> stable AirVPN server hostname
|
||||||
- Create a Secret named `gluetun-wireguard` with key `WIREGUARD_PRIVATE_KEY` from your AirVPN WireGuard config (do not commit the key).
|
- Create a Secret named `gluetun-wireguard` with key `WIREGUARD_PRIVATE_KEY` from your AirVPN WireGuard config (do not commit the key).
|
||||||
|
- Add `WIREGUARD_PRESHARED_KEY` from the same AirVPN WireGuard config.
|
||||||
- `helm-values/gluetun_values.yaml` sets `secret.create: false` so the chart does not create a placeholder secret.
|
- `helm-values/gluetun_values.yaml` sets `secret.create: false` so the chart does not create a placeholder secret.
|
||||||
|
|
||||||
Validation:
|
Validation:
|
||||||
|
|||||||
@@ -11,4 +11,5 @@ metadata:
|
|||||||
type: Opaque
|
type: Opaque
|
||||||
stringData:
|
stringData:
|
||||||
WIREGUARD_PRIVATE_KEY: {{ .Values.secret.privateKey | quote }}
|
WIREGUARD_PRIVATE_KEY: {{ .Values.secret.privateKey | quote }}
|
||||||
|
WIREGUARD_PRESHARED_KEY: {{ .Values.secret.presharedKey | quote }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@@ -15,6 +15,11 @@ env:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gluetun-wireguard
|
name: gluetun-wireguard
|
||||||
key: WIREGUARD_PRIVATE_KEY
|
key: WIREGUARD_PRIVATE_KEY
|
||||||
|
- name: WIREGUARD_PRESHARED_KEY
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: gluetun-wireguard
|
||||||
|
key: WIREGUARD_PRESHARED_KEY
|
||||||
- name: WIREGUARD_ADDRESSES
|
- name: WIREGUARD_ADDRESSES
|
||||||
value: "REPLACE_ME"
|
value: "REPLACE_ME"
|
||||||
- name: SERVER_HOSTNAMES
|
- name: SERVER_HOSTNAMES
|
||||||
@@ -32,6 +37,7 @@ secret:
|
|||||||
create: true
|
create: true
|
||||||
name: gluetun-wireguard
|
name: gluetun-wireguard
|
||||||
privateKey: "REPLACE_ME"
|
privateKey: "REPLACE_ME"
|
||||||
|
presharedKey: "REPLACE_ME"
|
||||||
|
|
||||||
service:
|
service:
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
|
|||||||
@@ -15,6 +15,11 @@ env:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: gluetun-wireguard
|
name: gluetun-wireguard
|
||||||
key: WIREGUARD_PRIVATE_KEY
|
key: WIREGUARD_PRIVATE_KEY
|
||||||
|
- name: WIREGUARD_PRESHARED_KEY
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: gluetun-wireguard
|
||||||
|
key: WIREGUARD_PRESHARED_KEY
|
||||||
- name: WIREGUARD_ADDRESSES
|
- name: WIREGUARD_ADDRESSES
|
||||||
value: "10.160.17.207/32,fd7d:76ee:e68f:a993:61d7:a5fe:f834:90e1/128"
|
value: "10.160.17.207/32,fd7d:76ee:e68f:a993:61d7:a5fe:f834:90e1/128"
|
||||||
- name: SERVER_HOSTNAMES
|
- name: SERVER_HOSTNAMES
|
||||||
|
|||||||
Reference in New Issue
Block a user