From c45f238ce7c3401957c31e28776ebd8f43d908c4 Mon Sep 17 00:00:00 2001 From: aggarwalakshun Date: Wed, 15 Oct 2025 07:02:12 +0530 Subject: [PATCH] add pihole deployment, service, PVC, and sealed secret configurations --- clusters/default/tools/pihole/pihole-pvc.yml | 14 +++++ .../default/tools/pihole/pihole-secret.yml | 14 +++++ clusters/default/tools/pihole/pihole-svc.yml | 15 ++++++ clusters/default/tools/pihole/pihole.yml | 54 +++++++++++++++++++ 4 files changed, 97 insertions(+) create mode 100644 clusters/default/tools/pihole/pihole-pvc.yml create mode 100644 clusters/default/tools/pihole/pihole-secret.yml create mode 100644 clusters/default/tools/pihole/pihole-svc.yml create mode 100644 clusters/default/tools/pihole/pihole.yml diff --git a/clusters/default/tools/pihole/pihole-pvc.yml b/clusters/default/tools/pihole/pihole-pvc.yml new file mode 100644 index 0000000..b744f57 --- /dev/null +++ b/clusters/default/tools/pihole/pihole-pvc.yml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pihole-longhorn + namespace: tools +spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: 1Gi + storageClassName: longhorn diff --git a/clusters/default/tools/pihole/pihole-secret.yml b/clusters/default/tools/pihole/pihole-secret.yml new file mode 100644 index 0000000..8f00116 --- /dev/null +++ b/clusters/default/tools/pihole/pihole-secret.yml @@ -0,0 +1,14 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: pihole-secrets + namespace: tools +spec: + encryptedData: + api_password: AgAwJyTFaLV8e3esoQTbXHR+aFfuS4NGcFRC4R+YkHUcQYPBJwUxWcA0KzPdfuYGYmXAxfC+Z6orWCSyUpM9uY9MKvSWHAS09xa5pevf+GLWw7K6707oSbXM6XWB2wT+srVkB8MfJDiXbqvI+BgAgYREYGRqgZfcr7bGXoaRzZPd06yMh9AMO7ABMzsv1VPr0YWF5de8eRXjw1xqc64ZweAk9bdwBYwx5eFetn3kUxjQG7sNSIwYMC1YL4Z/NfEhV1GplEqLz0Ag5ZiEjFBSiQhXGC5t+vCtrA8+BFLeBFZw56BseCBm9ZsNwzKP8I0qnrjZlvs1+vxFMkv4qzRnLkK3/0TUJCs9rD5NqAvSHyy/URiLFKcMbHmjPDDo9Y6/5jSB2G+gltU/5nOy/wYorwVc8fk7ix5bYbQi2r8O9sRdH8/liTobs5Sv0Edw5aiISc/vgBHaE8FmicY33HTFELQyAMDuClA86+GPcV9AeibTlBdypvv2L5jQOyiaf32xTetN5qkO/KzOjA/W99rMLTU4y0JxPUuNWMBqggafSWNwyshcRP6oALPKsHxgjBzO/L7Rdq9bk6B9OSNxVA0wxUzTuZcv0/2SGQD2iqWFHv/qBlQk4HijtkRDNtHkxcM3sNqfq3bUxyNVQrHvzxw1ng5TWZDSZPNMWbh/eSzV5xqZIAU8KNP3VbRqY6S0TGwSPPvI/z7VrzQRIgDP5Q== + template: + metadata: + name: pihole-secrets + namespace: tools + type: Opaque diff --git a/clusters/default/tools/pihole/pihole-svc.yml b/clusters/default/tools/pihole/pihole-svc.yml new file mode 100644 index 0000000..486de08 --- /dev/null +++ b/clusters/default/tools/pihole/pihole-svc.yml @@ -0,0 +1,15 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: pihole-tcp-service + namespace: tools +spec: + type: LoadBalancer + selector: + app: pihole + ports: + - port: 8585 + targetPort: 80 + protocol: TCP + name: web diff --git a/clusters/default/tools/pihole/pihole.yml b/clusters/default/tools/pihole/pihole.yml new file mode 100644 index 0000000..8a7632b --- /dev/null +++ b/clusters/default/tools/pihole/pihole.yml @@ -0,0 +1,54 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: pihole + namespace: tools +spec: + strategy: + type: Recreate + selector: + matchLabels: + app: pihole + template: + metadata: + labels: + app: pihole + spec: + hostNetwork: true + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - kube-02 + - kube-03 + - kube-04 + - kube-05 + containers: + - name: pihole + image: pihole/pihole@sha256:90a1412b3d3037d1c22131402bde19180d898255b584d685c84d943cf9c14821 + securityContext: + capabilities: + add: + - NET_ADMIN + env: + - name: TZ + value: "Asia/Kolkata" + - name: FTLCONF_dns_listeningMode + value: "all" + - name: FTLCONF_webserver_api_password + valueFrom: + secretKeyRef: + name: pihole-secrets + key: api_password + volumeMounts: + - name: pihole-data + mountPath: /etc/pihole + volumes: + - name: pihole-data + persistentVolumeClaim: + claimName: pihole-longhorn