apiVersion: apps/v1
kind: Deployment
metadata:
  name: pihole
  labels:
    app: pihole
spec:
  selector:
    matchLabels:
      octopusexport: OctopusExport
  revisionHistoryLimit: 10
  replicas: 1
  strategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: pihole
        octopusexport: OctopusExport
    spec:
      dnsPolicy: ClusterFirstWithHostNet
      dnsConfig:
        nameservers:
          - 192.168.1.9
          - 8.8.8.8
        searches:
          - dezendorf.net
          - dezendorf.com
      volumes:
        - name: piholeetc
          persistentVolumeClaim:
            claimName: piholeetc
        - name: piholednsmasq
          persistentVolumeClaim:
            claimName: piholednsmasq
        - name: "pihole-custom-list"
          configMap:
            name: "pihole-custom-list"
      containers:
        - name: pihole
          image: 'pihole/pihole:latest'
          ports:
            - name: dns-udp
              containerPort: 53
              protocol: UDP
            - name: dns-tcp
              containerPort: 53
              protocol: TCP
            - name: web
              containerPort: 80
              protocol: TCP
          volumeMounts:
            - name: piholeetc
              mountPath: /etc/pihole
              subPath: ''
            - name: piholednsmasq
              mountPath: /etc/dnsmasq.d
              subPath: ''
            - name: "pihole-custom-list"
              mountPath: "/etc/pihole/custom.list"
              subPath: "custom.list"
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                labelSelector:
                  matchExpressions:
                    - key: app
                      operator: In
                      values:
                        - web
                topologyKey: kubernetes.io/hostname
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: piholednsmasq
  namespace: default
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 500M
  storageClassName: longhorn
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata: 
  name: piholeetc
  namespace: default
spec:     
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 500M
  storageClassName: longhorn
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: pihole-websecure-route
  namespace: default
spec:
  entryPoints:
    - websecure
  routes:
  - match: Host(`pihole.dezendorf.net`)
    kind: Rule
    services:
    - name: pihole-web-svc
      port: 80
  tls:
    certResolver: myresolver
---
apiVersion: v1
kind: Service
metadata:
  name: pihole-web-svc
spec:
  type: ClusterIP
  ports:
    - name: websecure
      port: 80
      targetPort: 80
  selector:
    app: pihole
---
apiVersion: v1
kind: Service
metadata:
  name: pihole-dns-tcp-svc
spec:
  type: ClusterIP
  selector:
    app: pihole
  ports:
    - name: dns-tcp
      port: 53
      targetPort: 53
      protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
  name: pihole-dns-udp-svc
spec:
  type: ClusterIP
  selector:
    app: pihole
  ports:
    - name: dns-udp
      port: 53
      targetPort: 53
      protocol: UDP
---   
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: pihole-web-route
  namespace: default
spec:
  entryPoints:
    - web
  routes:
  - match: Host(`pihole.dezendorf.net`) 
    kind: Rule
    middlewares:
    - name: redirecthttps
    services:
    - name: pihole-web-svc
      port: 80
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
  name: pihole-tcp-route
spec:
  entryPoints:
    - dns-tcp
  routes:
  - match: HostSNI(`*`)
    priority: 10
    services:
    - name: pihole-dns-tcp-svc
      port: 53
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteUDP
metadata:
  name: pihole-udp-route
spec:
  entryPoints:
    - dns-udp
  routes:
  - services:
    - name: pihole-dns-udp-svc
      port: 53

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: pihole-custom-list
  namespace: default
data:
  custom.list: |
    192.168.1.87 go.dezendorf.net
    192.168.1.9 gondor.dezendorf.net
    192.168.1.87 pihole.dezendorf.net
    192.168.1.87 tesseract.dezendorf.net
    192.168.1.50 astoria.dezendorf.net
    192.168.1.151 thin1.dezendorf.net
    192.168.1.152 thin2.dezendorf.net
    192.168.1.153 thin3.dezendorf.net
    192.168.1.87 docker.dezendorf.net
    192.168.1.87 sso.dezendorf.net
    192.168.1.87 argocd.dezendorf.net
    192.168.1.87 auth.dezendorf.net
    192.168.1.87 longhorn.dezendorf.net
    192.168.1.87 whoami.dezendorf.net
    192.168.1.87 transmission.dezendorf.net
    192.168.1.87 traefik.dezendorf.net
    192.168.1.87 jackett.dezendorf.net
    192.168.1.87 sonarr.dezendorf.net
    192.168.1.87 whisparr.dezendorf.net
    192.168.1.87 radarr.dezendorf.net
    192.168.1.87 bazarr.dezendorf.net
    192.168.1.154 apc-pdu-01.dezendorf.net
    192.168.1.158 thick1.dezendorf.net
    192.168.1.87 grafana.dezendorf.net
    192.168.1.87 prometheus.dezendorf.net
    192.168.1.87 alertmanager.dezendorf.net
    192.168.1.87 readarr.dezendorf.net
    192.168.1.87 calibre.dezendorf.net
    192.168.1.87 books.dezendorf.net
    192.168.1.87 lidarr.dezendorf.net
    192.168.1.87 airsonic.dezendorf.net
    192.168.1.87 beets.dezendorf.net
    192.168.1.87 codeserver.dezendorf.net
    192.168.1.157 thick2.dezendorf.net
    192.168.1.87 gogs.dezendorf.net