apiVersion: v1 kind: Secret metadata: name: tailscale-auth namespace: proxy-civo annotations: kube-1password: 2cqycmsgv5r7vcyvjpblcl2l4y kube-1password/vault: Kubernetes type: Opaque --- apiVersion: v1 kind: ConfigMap metadata: name: host-mappings namespace: proxy-civo labels: app: proxy data: mapping.json: | { "vmcluster.proxy-civo.svc": "vmcluster.cluster.local", "loki.proxy-civo.svc": "loki-write.cluster.local", "loki.proxy-civo.svc:80": "loki-write.cluster.local", "loki-distributed.proxy-civo.svc": "loki-loki.cluster.local", "loki-distributed.proxy-civo.svc:80": "loki-loki.cluster.local" } --- apiVersion: apps/v1 kind: Deployment metadata: name: internal-proxy namespace: proxy-civo labels: app: internal-proxy annotations: configmap.reloader.stakater.com/reload: "host-mappings" secret.reloader.stakater.com/reload: "tailscale-auth" spec: replicas: 1 strategy: type: Recreate selector: matchLabels: app: internal-proxy template: metadata: labels: app: internal-proxy spec: serviceAccountName: default dnsPolicy: ClusterFirst dnsConfig: nameservers: - 100.100.100.100 containers: - name: proxy image: rg.fr-par.scw.cloud/averagemarcus/proxy:latest imagePullPolicy: Always env: - name: PROXY_DESTINATION value: talos.tail4dfb.ts.net - name: PORT value: "8080" - name: TS_AUTH_KEY valueFrom: secretKeyRef: name: tailscale-auth key: password - name: TS_HOSTNAME value: proxy-civo-internal-proxy ports: - containerPort: 8080 protocol: TCP volumeMounts: - name: host-mappings mountPath: /config/ volumes: - name: host-mappings configMap: name: host-mappings --- apiVersion: v1 kind: Service metadata: name: loki namespace: proxy-civo labels: app: internal-proxy spec: ports: - name: http port: 80 protocol: TCP targetPort: 8080 selector: app: internal-proxy type: ClusterIP --- apiVersion: v1 kind: Service metadata: name: loki-distributed namespace: proxy-civo labels: app: internal-proxy spec: ports: - name: http port: 80 protocol: TCP targetPort: 8080 selector: app: internal-proxy type: ClusterIP --- apiVersion: v1 kind: Service metadata: name: prometheus namespace: proxy-civo labels: app: internal-proxy spec: ports: - name: http port: 80 protocol: TCP targetPort: 8080 selector: app: internal-proxy type: ClusterIP --- apiVersion: v1 kind: Service metadata: name: vmcluster namespace: proxy-civo labels: app: internal-proxy spec: ports: - name: http port: 80 protocol: TCP targetPort: 8080 selector: app: internal-proxy type: ClusterIP ---