mirror of
https://github.com/beclab/Olares
synced 2026-05-24 01:08:23 +00:00
bfl, studio, tapr, authelia: fit new user owner role (#1551)
* bfl, studio, tapr: fit new user owner role * fix: tailscale index * fix: l4 proxy version
This commit is contained in:
hysyeah
GitHub
parent
b37adf2521
commit
962e251691
8 changed files with 11 additions and 11 deletions
|
|
@ -163,7 +163,7 @@ spec:
|
|||
priorityClassName: "system-cluster-critical"
|
||||
containers:
|
||||
- name: app-service
|
||||
image: beclab/app-service:0.3.52
|
||||
image: beclab/app-service:0.3.53
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
|
|
|
|||
|
|
@ -367,7 +367,7 @@ spec:
|
|||
privileged: true
|
||||
containers:
|
||||
- name: authelia
|
||||
image: beclab/auth:0.2.15
|
||||
image: beclab/auth:0.2.16
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 9091
|
||||
|
|
|
|||
|
|
@ -266,7 +266,7 @@ spec:
|
|||
|
||||
containers:
|
||||
- name: api
|
||||
image: beclab/bfl:v0.4.18
|
||||
image: beclab/bfl:v0.4.19
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
|
|
@ -310,7 +310,7 @@ spec:
|
|||
- name: BACKUP_SERVER
|
||||
value: backup-server.os-framework:8082
|
||||
- name: L4_PROXY_IMAGE_VERSION
|
||||
value: v0.3.0
|
||||
value: v0.3.1
|
||||
- name: L4_PROXY_SERVICE_ACCOUNT
|
||||
value: os-network-internal
|
||||
- name: L4_PROXY_NAMESPACE
|
||||
|
|
|
|||
|
|
@ -301,7 +301,7 @@ spec:
|
|||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: status.hostIP
|
||||
{{- if eq $role "platform-admin" }}
|
||||
{{- if or (eq $role "owner") (eq $role "admin") }}
|
||||
- name: TS_DEBUG_FIREWALL_MODE
|
||||
value: nftables
|
||||
{{- end }}
|
||||
|
|
@ -315,13 +315,13 @@ spec:
|
|||
value: >-
|
||||
--no-logs-no-support
|
||||
--verbose=1
|
||||
--tun=tailscale0{{ if ne $role "platform-admin" }}$(USER_INDEX){{ end }}
|
||||
--tun=tailscale0{{ if and .Values.tailscaleUserIndex (ne .Values.tailscaleUserIndex "0") }}$(USER_INDEX){{ end }}
|
||||
- name: TS_ROUTES
|
||||
value: $(COREDNS_SVC)/32
|
||||
- name: TS_EXTRA_ARGS
|
||||
value: >-
|
||||
--login-server http://headscale-server-svc:8080
|
||||
--netfilter-mode {{ if eq $role "platform-admin" }}on{{ else }}off{{ end }}
|
||||
--netfilter-mode {{ if or (eq $role "owner") (eq $role "admin") }}on{{ else }}off{{ end }}
|
||||
- name: TS_USERSPACE
|
||||
value: "false"
|
||||
|
||||
|
|
|
|||
|
|
@ -3,5 +3,5 @@ target: prebuilt
|
|||
output:
|
||||
containers:
|
||||
-
|
||||
name: beclab/l4-bfl-proxy:v0.3.0
|
||||
name: beclab/l4-bfl-proxy:v0.3.1
|
||||
# must have blank new line
|
||||
|
|
@ -190,7 +190,7 @@ spec:
|
|||
|
||||
containers:
|
||||
- name: studio
|
||||
image: beclab/studio-server:v0.1.53
|
||||
image: beclab/studio-server:v0.1.54
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- server
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@ spec:
|
|||
- name: DISABLE_TELEMETRY
|
||||
value: "false"
|
||||
- name: operator-api
|
||||
image: beclab/middleware-operator:0.2.12
|
||||
image: beclab/middleware-operator:0.2.13
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 9080
|
||||
|
|
|
|||
|
|
@ -76,7 +76,7 @@ spec:
|
|||
runAsUser: 0
|
||||
containers:
|
||||
- name: tapr-sysevent
|
||||
image: beclab/sys-event:0.2.7
|
||||
image: beclab/sys-event:0.2.8
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: APP_RANDOM_KEY
|
||||
|
|
|
|||
Loading…
Reference in a new issue