apiVersion: apps/v1 kind: Deployment metadata: name: pihole labels: app: pihole spec: selector: matchLabels: octopusexport: OctopusExport revisionHistoryLimit: 10 replicas: 1 strategy: type: RollingUpdate template: metadata: labels: app: pihole octopusexport: OctopusExport spec: dnsPolicy: ClusterFirstWithHostNet dnsConfig: nameservers: - 192.168.1.9 - 8.8.8.8 searches: - dezendorf.net - dezendorf.com volumes: - name: piholeetc persistentVolumeClaim: claimName: piholeetc - name: piholednsmasq persistentVolumeClaim: claimName: piholednsmasq containers: - name: pihole image: 'pihole/pihole:latest' ports: - name: dns-udp containerPort: 53 protocol: UDP - name: dns-tcp containerPort: 53 protocol: TCP - name: web containerPort: 80 protocol: TCP volumeMounts: - name: piholeetc mountPath: /etc/pihole subPath: '' - name: piholednsmasq mountPath: /etc/dnsmasq.d subPath: '' affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: matchExpressions: - key: app operator: In values: - web topologyKey: kubernetes.io/hostname --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: piholednsmasq namespace: default spec: accessModes: - ReadWriteOnce resources: requests: storage: 500M storageClassName: longhorn --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: piholeetc namespace: default spec: accessModes: - ReadWriteOnce resources: requests: storage: 500M storageClassName: longhorn --- apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: pihole-websecure-route namespace: default spec: entryPoints: - websecure routes: - match: Host(`pihole.dezendorf.net`) kind: Rule services: - name: pihole-web-svc port: 80 tls: certResolver: myresolver --- apiVersion: v1 kind: Service metadata: name: pihole-web-svc spec: type: ClusterIP ports: - name: websecure port: 80 targetPort: 80 selector: app: pihole --- apiVersion: v1 kind: Service metadata: name: pihole-dns-tcp-svc spec: type: ClusterIP selector: app: pihole ports: - name: dns-tcp port: 53 targetPort: 53 protocol: TCP --- apiVersion: v1 kind: Service metadata: name: pihole-dns-udp-svc spec: type: ClusterIP selector: app: pihole ports: - name: dns-udp port: 53 targetPort: 53 protocol: UDP --- apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: pihole-web-route namespace: default spec: entryPoints: - web routes: - match: Host(`pihole.dezendorf.net`) kind: Rule middlewares: - name: redirecthttps services: - name: pihole-web-svc port: 80 --- apiVersion: traefik.containo.us/v1alpha1 kind: IngressRouteTCP metadata: name: pihole-tcp-route spec: entryPoints: - dns-tcp routes: - match: HostSNI(`*`) priority: 10 services: - name: pihole-dns-tcp-svc port: 53 --- apiVersion: traefik.containo.us/v1alpha1 kind: IngressRouteUDP metadata: name: pihole-udp-route spec: entryPoints: - dns-udp routes: - services: - name: pihole-dns-udp-svc port: 53