![]() They must be added if you wish to run a script when the connection # is opened / closed. # Pay close attention to the PostUp and PreDown lines. # Set AllowedIPs to 0.0.0.0/0 to route all traffic through the VPN. securit圜ontext : runAsUser : 568 runAsGroup : 568 env : # Enable a killswitch that kills all trafic when the VPN is not connected KILLSWITCH : "true" # The wireguard configuration file provided by your VPN provider goes here. # This is required for it to be able to read certain configuration files. type : wireguard # If the podSecurit圜ontext is set to run as a different user, make sure to run the Wireguard container as UID/GID 568. This will set the add-on to use the default settings for Wireguard based connections. shared : enabled : true type : emptyDir mountPath : /shared addons : vpn : enabled : true # This Should be set to `wireguard`. # It will be used to communicate between the two containers. WAIT_FOR_VPN : "true" persistence : config : enabled : true type : emptyDir mountPath : /config # This should be enabled so that both the qBittorrent and Wireguard container have access to a shared volume mounted to /shared. # It does this by checking the contents of a file /shared/vpnstatus to contain the string 'connected'. Image : repository : k8sathome/qbittorrent tag : v4.3.3 pullPolicy : IfNotPresent env : # Our qBittorrent image has a feature that can wait for the VPN to be connected before actually starting the application. Please refer to the Wireguard client image for more details on these environment variables. That is beyond the scope of this document. In order to have functioning ingress and/or probes, it might be required to open certain networks or ports on the VPN firewall. Example values ¶īelow is an annotated example values.yaml that will result in a qBittorrent container with all its traffic routed through a VPN. ![]() ![]() It does not cover all of the configuration possibilities of the Wireguard client image, but should give a good starting point for configuring a similar setup. This example shows how to add a Wireguard sidecar to our qBittorrent Helm chart. The Wireguard add-on enables you to force all (or selected) network traffic through a VPN. Addons : codeserver : enabled : true image : repository : codercom/code-server tag : 3.9.0 workingDir : "/config" args : -auth - "none" -user-data-dir - "/config/.vscode" -extensions-dir - "/config/.vscode" ingress : enabled : true annotations : kubernetes.io/ingress.class : "nginx" hosts : - host : paths : - path : / pathType : Prefix tls : - hosts : - volumeMounts : - name : config mountPath : /config Wireguard VPN ¶ ![]()
0 Comments
Leave a Reply. |