apiVersion: apps/v1 kind: Deployment metadata: name: netbird-proxy labels: app: netbird-proxy spec: replicas: 1 selector: matchLabels: app: netbird-proxy template: metadata: labels: app: netbird-proxy spec: hostAliases: - ip: "192.168.100.1" hostnames: - "host.docker.internal" containers: - name: proxy image: netbird-proxy ports: - containerPort: 8443 name: https - containerPort: 8080 name: health - containerPort: 8444 name: debug env: - name: USER value: "netbird" - name: HOME value: "/tmp" - name: NB_PROXY_DEBUG_LOGS value: "true" - name: NB_PROXY_MANAGEMENT_ADDRESS value: "http://host.docker.internal:8080" - name: NB_PROXY_ADDRESS value: ":8443" - name: NB_PROXY_HEALTH_ADDRESS value: ":8080" - name: NB_PROXY_DEBUG_ENDPOINT value: "true" - name: NB_PROXY_DEBUG_ENDPOINT_ADDRESS value: ":8444" - name: NB_PROXY_URL value: "https://proxy.local" - name: NB_PROXY_CERTIFICATE_DIRECTORY value: "/certs" - name: NB_PROXY_TOKEN valueFrom: secretKeyRef: name: netbird-proxy-token key: token - name: NB_PROXY_ALLOW_INSECURE value: "true" # Required for HTTP management connection in dev volumeMounts: - name: tls-certs mountPath: /certs readOnly: true livenessProbe: httpGet: path: /healthz/live port: health initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 readinessProbe: httpGet: path: /healthz/ready port: health initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 startupProbe: httpGet: path: /healthz/startup port: health periodSeconds: 2 timeoutSeconds: 10 failureThreshold: 60 resources: requests: memory: "64Mi" cpu: "100m" limits: memory: "256Mi" cpu: "500m" volumes: - name: tls-certs secret: secretName: netbird-proxy-tls --- apiVersion: v1 kind: Service metadata: name: netbird-proxy spec: selector: app: netbird-proxy ports: - name: https port: 8443 targetPort: 8443 - name: health port: 8080 targetPort: 8080 - name: debug port: 8444 targetPort: 8444 type: ClusterIP