| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340 |
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: pihole
- labels:
- app: pihole
- spec:
- selector:
- matchLabels:
- octopusexport: OctopusExport
- revisionHistoryLimit: 10
- replicas: 3
- strategy:
- type: RollingUpdate
- template:
- metadata:
- labels:
- app: pihole
- octopusexport: OctopusExport
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- dnsConfig:
- nameservers:
- - 8.8.8.8
- searches:
- - dezendorf.net
- - dezendorf.com
- volumes:
- - name: "pihole-custom-list"
- configMap:
- name: "pihole-custom-list"
- - name: "dnsmasq-options"
- configMap:
- name: "dnsmasq-options"
- - name: "pihole-ftl-config"
- configMap:
- name: "pihole-ftl-config"
- containers:
- - name: pihole
- image: 'pihole/pihole:2024.07.0'
- readinessProbe:
- httpGet:
- path: /admin/
- port: 80
- initialDelaySeconds: 20
- livenessProbe:
- exec:
- command:
- - dig
- - +short
- - "@127.0.0.1"
- - radarr.dezendorf.net
- initialDelaySeconds: 60
- periodSeconds: 30
- ports:
- - name: dns-udp
- containerPort: 53
- protocol: UDP
- - name: dns-tcp
- containerPort: 53
- protocol: TCP
- - name: web
- containerPort: 80
- protocol: TCP
- volumeMounts:
- - name: "pihole-custom-list"
- mountPath: "/etc/pihole/custom.list"
- subPath: "custom.list"
- readOnly: true
- - name: "dnsmasq-options"
- mountPath: "/etc/dnsmasq.d/01-pihole.conf"
- subPath: "01-pihole.conf"
- readOnly: true
- - name: "pihole-ftl-config"
- mountPath: "/etc/pihole/pihole-FTL.conf"
- subPath: "pihole-FTL.conf"
- readOnly: true
- affinity:
- podAntiAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- podAffinityTerm:
- labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - web
- topologyKey: kubernetes.io/hostname
- ---
- apiVersion: traefik.containo.us/v1alpha1
- kind: IngressRoute
- metadata:
- name: pihole-websecure-route
- namespace: default
- spec:
- entryPoints:
- - websecure
- routes:
- - match: Host(`pihole.dezendorf.net`)
- kind: Rule
- services:
- - name: pihole-web-svc
- port: 80
- tls:
- certResolver: myresolver
- ---
- apiVersion: v1
- kind: Service
- metadata:
- name: pihole-web-svc
- spec:
- type: ClusterIP
- ports:
- - name: websecure
- port: 80
- targetPort: 80
- selector:
- app: pihole
- ---
- apiVersion: v1
- kind: Service
- metadata:
- name: pihole-dns-tcp-svc
- spec:
- type: ClusterIP
- selector:
- app: pihole
- ports:
- - name: dns-tcp
- port: 53
- targetPort: 53
- protocol: TCP
- ---
- apiVersion: v1
- kind: Service
- metadata:
- name: pihole-dns-udp-svc
- spec:
- type: ClusterIP
- selector:
- app: pihole
- ports:
- - name: dns-udp
- port: 53
- targetPort: 53
- protocol: UDP
- ---
- apiVersion: traefik.containo.us/v1alpha1
- kind: IngressRoute
- metadata:
- name: pihole-web-route
- namespace: default
- spec:
- entryPoints:
- - web
- routes:
- - match: Host(`pihole.dezendorf.net`)
- kind: Rule
- middlewares:
- - name: redirecthttps
- services:
- - name: pihole-web-svc
- port: 80
- ---
- apiVersion: traefik.containo.us/v1alpha1
- kind: IngressRouteTCP
- metadata:
- name: pihole-tcp-route
- spec:
- entryPoints:
- - dns-tcp
- routes:
- - match: HostSNI(`*`)
- priority: 10
- services:
- - name: pihole-dns-tcp-svc
- port: 53
- ---
- apiVersion: traefik.containo.us/v1alpha1
- kind: IngressRouteUDP
- metadata:
- name: pihole-udp-route
- spec:
- entryPoints:
- - dns-udp
- routes:
- - services:
- - name: pihole-dns-udp-svc
- port: 53
- ---
- apiVersion: v1
- kind: ConfigMap
- metadata:
- name: pihole-custom-list
- namespace: default
- data:
- custom.list: |
- 192.168.1.9 gondor
- 192.168.1.50 astoria
- 192.168.1.87 go
- 192.168.1.87 photos
- 192.168.1.87 photo
- 192.168.1.87 pihole
- 192.168.1.87 tesseract
- 192.168.1.87 sso
- 192.168.1.87 cd
- 192.168.1.87 argocd
- 192.168.1.87 docker
- 192.168.1.87 dockerr
- 192.168.1.87 longhorn
- 192.168.1.87 whoami
- 192.168.1.87 transmission
- 192.168.1.87 traefik
- 192.168.1.87 jackett
- 192.168.1.87 sonarr
- 192.168.1.87 whisparr
- 192.168.1.87 radarr
- 192.168.1.87 bazarr
- 192.168.1.87 prometheus
- 192.168.1.87 alertmanager
- 192.168.1.87 readarr
- 192.168.1.87 calibre
- 192.168.1.87 books
- 192.168.1.87 lidarr
- 192.168.1.87 airsonic
- 192.168.1.87 beets
- 192.168.1.87 codeserver
- 192.168.1.87 gogs
- 192.168.1.87 grafana
- 192.168.1.87 mysql
- 192.168.1.87 devport
- 192.168.1.87 homeassistant
- 192.168.1.87 homebridge
- 192.168.1.87 htrae
- 192.168.1.157 thick2
- 192.168.1.158 thick1
- 192.168.1.151 thin1
- 192.168.1.152 thin2
- 192.168.1.153 thin3
- 192.168.1.154 apc-pdu-01
- 192.168.1.155 pve1
- 192.168.1.159 apc-pdu-02
- 192.168.1.160 rpi4-0
- 192.168.1.161 rpi4-1
- 192.168.1.162 rpi4-2
- 192.168.1.163 rpi4-3
- 192.168.1.164 rpi4-4
- 192.168.1.165 rpi4-5
- 192.168.1.166 rpi4-6
- 192.168.1.167 rpi4-7
- 192.168.1.236 plex
- 192.168.0.10 talos-master talos
- 192.168.0.11 talos-master-vm-01
- #192.168.0.11 talos-master-01
- 192.168.0.12 talos-master-vm-02
- 192.168.0.13 talos-master-vm-03
- 192.168.0.14 talos-worker-vm-01
- 192.168.0.15 talos-worker-vm-02
- 192.168.0.16 talos-worker-vm-03
- 192.168.0.17 talos-worker-vm-04
- 192.168.0.21 ceph-thin1
- 192.168.0.22 ceph-thin2
- 192.168.0.23 ceph-thin3
- 192.168.0.24 ceph-thin4
- 192.168.0.25 ceph-thin5
- 192.168.0.26 ceph-thin6
- 192.168.0.27 ceph-thin7
- 192.168.0.41 ceph-cache1
- 192.168.0.42 ceph-cache2
- 192.168.0.43 ceph-cache3
- 192.168.0.103 sv08
- 192.168.0.128 ceph
- 192.168.0.129 rados
-
- 136.61.103.116 matrix-auth.dezendorf.net
- 136.61.103.116 matrix.dezendorf.net
- ---
- apiVersion: v1
- kind: ConfigMap
- metadata:
- name: dnsmasq-options
- namespace: default
- data:
- 01-pihole.conf: |
- # Pi-hole: A black hole for Internet advertisements
- # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
- # Network-wide ad blocking via your own hardware.
- #
- # Dnsmasq config for Pi-hole's FTLDNS
- #
- # This file is copyright under the latest version of the EUPL.
- # Please see LICENSE file for your rights under this license.
-
- ###############################################################################
- # FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
- # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
- # #
- # IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN: #
- # /etc/pihole/setupVars.conf #
- # #
- # ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE #
- # WITHIN /etc/dnsmasq.d/yourname.conf #
- ###############################################################################
-
- addn-hosts=/etc/pihole/local.list
- addn-hosts=/etc/pihole/custom.list
-
-
- localise-queries
-
-
- no-resolv
-
- log-queries
- log-facility=/var/log/pihole/pihole.log
-
- log-async
- cache-size=10000
- server=8.8.8.8
- #domain-needed
- domain=dezendorf.net
- expand-hosts
- bogus-priv
- except-interface=nonexisting
-
- ---
- apiVersion: v1
- kind: ConfigMap
- metadata:
- name: pihole-ftl-config
- namespace: default
- data:
- pihole-FTL.conf: |
- #; Pi-hole FTL config file
- #; Comments should start with #; to avoid issues with PHP and bash reading this file
- PRIVACYLEVEL=0
- BLOCK_ICLOUD_PR=false
|
