diff --git a/helm/wireguard/Chart.yaml b/helm/wireguard/Chart.yaml index adfc934..b9c3def 100644 --- a/helm/wireguard/Chart.yaml +++ b/helm/wireguard/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: wireguard description: A Helm chart for managing a wireguard vpn in kubernetes type: application -version: 0.18.0 +version: 0.19.0 appVersion: "0.0.0" maintainers: - name: bryopsida diff --git a/helm/wireguard/README.md b/helm/wireguard/README.md index 5ce4f42..d5a361f 100644 --- a/helm/wireguard/README.md +++ b/helm/wireguard/README.md @@ -1,6 +1,6 @@ # wireguard -![Version: 0.18.0](https://img.shields.io/badge/Version-0.18.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.0](https://img.shields.io/badge/AppVersion-0.0.0-informational?style=flat-square) +![Version: 0.19.0](https://img.shields.io/badge/Version-0.19.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.0](https://img.shields.io/badge/AppVersion-0.0.0-informational?style=flat-square) A Helm chart for managing a wireguard vpn in kubernetes @@ -106,10 +106,10 @@ A Helm chart for managing a wireguard vpn in kubernetes | useHostPort | bool | `false` | Expose VPN service on hostPort | | volumeMounts | object | `{}` | Passthrough pod volume mounts | | volumes | object | `{}` | Passthrough pod volumes | -| wireguard.clients | list | `[]` | A collection of clients that will be added to wg0.conf, accepts objects with keys PublicKey and AllowedIPs (mandatory) and optional FriendlyName or FriendlyJson (https://github.com/MindFlavor/prometheus_wireguard_exporter#friendly-tags), stored in secret | +| wireguard.clients | list | `[]` | A collection of clients that will be added to wg0.conf, accepts objects with keys PublicKey and AllowedIPs (mandatory) and optional FriendlyName or FriendlyJson (https://github.com/MindFlavor/prometheus_wireguard_exporter#friendly-tags) and PersistentKeepalive (https://www.wireguard.com/quickstart/#nat-and-firewall-traversal-persistence), stored in secret | | wireguard.natAddSourceNet | bool | `true` | Add the serverCidr to the nat source net option | | wireguard.serverAddress | string | `"10.34.0.1/24"` | Address of the VPN server | | wireguard.serverCidr | string | `"10.34.0.0/24"` | Subnet for your VPN, take care not to clash with cluster POD cidr | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.3](https://github.com/norwoodj/helm-docs/releases/v1.11.3) +Autogenerated from chart metadata using [helm-docs v1.12.0](https://github.com/norwoodj/helm-docs/releases/v1.12.0) diff --git a/helm/wireguard/templates/config.yaml b/helm/wireguard/templates/config.yaml index a7f5a6e..7f4c6dc 100644 --- a/helm/wireguard/templates/config.yaml +++ b/helm/wireguard/templates/config.yaml @@ -20,6 +20,9 @@ AllowedIPs = {{ .AllowedIPs }} {{- if .PresharedKey }} PresharedKey = {{ .PresharedKey }} {{- end }} +{{- if .PersistentKeepalive }} +PersistentKeepalive = {{ .PersistentKeepalive }} +{{- end }} {{- end }} # End Clients diff --git a/helm/wireguard/values.yaml b/helm/wireguard/values.yaml index 9b480ec..98ffd3e 100644 --- a/helm/wireguard/values.yaml +++ b/helm/wireguard/values.yaml @@ -41,7 +41,7 @@ wireguard: serverCidr: 10.34.0.0/24 # -- Add the serverCidr to the nat source net option natAddSourceNet: true - # -- A collection of clients that will be added to wg0.conf, accepts objects with keys PublicKey and AllowedIPs (mandatory) and optional FriendlyName or FriendlyJson (https://github.com/MindFlavor/prometheus_wireguard_exporter#friendly-tags), stored in secret + # -- A collection of clients that will be added to wg0.conf, accepts objects with keys PublicKey and AllowedIPs (mandatory) and optional FriendlyName or FriendlyJson (https://github.com/MindFlavor/prometheus_wireguard_exporter#friendly-tags) and PersistentKeepalive (https://www.wireguard.com/quickstart/#nat-and-firewall-traversal-persistence), stored in secret clients: [] # - FriendlyName: username1 # ## FriendlyJson will override FriendlyName @@ -49,6 +49,8 @@ wireguard: # # username: "username1" # AllowedIPs: 10.34.0.101/32 # PublicKey: QTxoajwVHWZ7qqVwY2F9T1L04M0j5GSNC15++LZw1iA= + # # Normally PersistentKeepalive is not required + # #PersistentKeepalive: 25 securityContext: runAsNonRoot: true runAsUser: 1000