# --- DaemonSet Definition ---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: derper-daemonset
  namespace: tailscale-derp
  labels:
    app: derper
spec:
  selector:
    matchLabels:
      app: derper
  template:
    metadata:
      labels:
        app: derper # Service 将使用这个标签来选择 Pods
    spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/hostname
                operator: In
                values:
                - claw-hk2
                - bwh-us1
                - tencent-gz1
                - tencent-sh1
      dnsPolicy: ClusterFirst # 默认 DNS 策略
      containers:
      - name: derper
        image: ghcr.io/yangchuansheng/ip_derper:latest
        ports:
        # --- 关键：定义容器监听的端口 ---
        # 你需要将这里的 3478 修改为 derper 容器实际监听的端口
        - name: derp-stun
          containerPort: 3478
          protocol: UDP
        - name: derp-addr
          containerPort: 80
          protocol: TCP
        resources: # 建议设置资源请求和限制
          requests:
            cpu: "100m"
            memory: "128Mi"
          limits:
            cpu: "500m"
            memory: "256Mi"