1 files changed, 10 insertions, 2 deletions

diff --git a/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2 b/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
index b264577d..50f8e0c2 100644
--- a/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
+++ b/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
@@ -11,14 +11,15 @@ containers:
   - "run"
   - "--web-addr"
   - ":{{ whawty_auth_instances[whawty_auth_instance].port }}"
-{% if 'tls' in whawty_auth_instances[whawty_auth_instance] %}
   - "--web-config"
   - "/config/web.yml"
-{% endif %}
   volumeMounts:
   - name: config
     mountPath: /config
     readOnly: true
+  - name: tls
+    mountPath: /tls
+    readOnly: true
   - name: store
     mountPath: /store
   env:
@@ -28,6 +29,9 @@ containers:
   ports:
   - containerPort: {{ whawty_auth_instances[whawty_auth_instance].port }}
     hostPort: {{ whawty_auth_instances[whawty_auth_instance].port }}
+{% if whawty_auth_instances[whawty_auth_instance].publish.zone.publisher == inventory_hostname %}
+    hostIP: "127.0.0.1"
+{% endif %}
 {% if 'sync' in whawty_auth_instances[whawty_auth_instance] %}
 - name: sync
   image: "ghcr.io/whawty/auth/sync:v{{ whawty_auth_instances[whawty_auth_instance].version }}"
@@ -49,6 +53,10 @@ volumes:
   hostPath:
     path: "{{ whawty_auth_instance_basepath }}/config"
     type: Directory
+- name: tls
+  hostPath:
+    path: "{{ whawty_auth_instance_basepath }}/tls"
+    type: Directory
 - name: store
   hostPath:
     path: "{{ whawty_auth_instance_basepath }}/store"