apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: headscale-data
  namespace: networking
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 2Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: headscale
  namespace: networking
  labels:
    app: headscale
spec:
  replicas: 1
  selector:
    matchLabels:
      app: headscale
  template:
    metadata:
      labels:
        app: headscale
    spec:
      containers:
        - name: headscale
          image: docker.io/headscale/headscale
          command: ["headscale", "serve"]
          ports:
            - containerPort: 8080
              name: http
            - containerPort: 9090
          resources:
            requests:
              cpu: 100m
              memory: 256Mi
            limits:
              cpu: 512m
              memory: 1Gi 
          livenessProbe:
            httpGet:
              path: /health
              port: http
            initialDelaySeconds: 10
            periodSeconds: 30
          readinessProbe:
            httpGet:
              path: /health
              port: http
            initialDelaySeconds: 5
            periodSeconds: 10
          volumeMounts:
            - name: headscale-data
              mountPath: /var/lib/headscale
            - name: headscale-config
              mountPath: /etc/headscale/config.yaml
              subPath: config.yaml
            - name: headscale-config
              mountPath: /etc/headscale/acl.json
              subPath: acl.json
      volumes:
        - name: headscale-data
          persistentVolumeClaim:
            claimName: headscale-data
        - name: headscale-config
          configMap:
            name: headscale-config
---
apiVersion: v1
kind: Service
metadata:
  name: headscale
  namespace: networking
  labels:
    app: headscale
spec:
  selector:
    app: headscale
  ports:
    - port: 8080
      targetPort: http
      protocol: TCP
      name: http