apiVersion: apps/v1 kind: Deployment metadata: name: cloudflared-deployment namespace: cloudflare labels: app: cloudflared spec: selector: matchLabels: pod: cloudflared replicas: 1 template: metadata: creationTimestamp: null labels: pod: cloudflared spec: containers: - name: cloudflared image: cloudflare/cloudflared:latest args: - --token - $(TUNNEL_TOKEN) command: - cloudflared - tunnel - --metrics - 0.0.0.0:2000 - run env: - name: TUNNEL_TOKEN valueFrom: secretKeyRef: key: token name: cloudflare-token livenessProbe: httpGet: path: /ready port: 2000 failureThreshold: 1 initialDelaySeconds: 10 periodSeconds: 10 terminationGracePeriodSeconds: 30 dnsPolicy: ClusterFirst automountServiceAccountToken: false --- apiVersion: v1 kind: ConfigMap metadata: name: cloudflared namespace: cloudflare data: config.yaml: "originRequest:\n noTLSVerify: true \ningress:\n - hostname: kx3dex.radio\n service: https://ingress-nginx-controller.ingress-nginx.svc.cluster.local:443\n"