apiVersion: apps/v1 kind: Deployment metadata: name: protonmail-bridge-tailscale spec: replicas: 1 selector: matchLabels: app: protonmail-bridge-tailscale template: metadata: labels: app: protonmail-bridge-tailscale spec: serviceAccountName: {{ .Values.serviceAccountName }} containers: - image: schklom/protonmail-bridge:latest #Temp fix while the orig repo githu actions are fixed # - image: shenxn/protonmail-bridge:{{ .Chart.AppVersion }} name: protonmail-bridge volumeMounts: - mountPath: /root name: protonmail - mountPath: /certs name: certificates - image: tailscale/tailscale name: ts-protonmail-bridge env: - name: TS_HOSTNAME value: {{ .Values.containers.tailscale.hostname }} - name: TS_STATE_DIR value: "/var/lib/tailscale" - name: TS_AUTHKEY valueFrom: secretKeyRef: name: tailscale-auth key: TS_AUTHKEY - name: TS_EXTRA_ARGS valueFrom: secretKeyRef: name: tailscale-auth key: TS_EXTRA_ARGS - name: TS_USERSPACE value: "false" - name: TS_KUBE_SECRET value: "tailscale-auth" securityContext: capabilities: add: ["NET_ADMIN", "SYS_MODULE"] volumeMounts: - mountPath: /certs name: certificates - mountPath: /var/lib/tailscale name: tailscale-state restartPolicy: Always volumes: - name: protonmail persistentVolumeClaim: claimName: protonmail-bridge-pvc - name: certificates persistentVolumeClaim: claimName: certificates-pvc - name: tailscale-state persistentVolumeClaim: claimName: tailscale-state-pvc