add pihole deployment, service, PVC, and sealed secret configurations

2025-10-15 07:02:12 +05:30
parent afc51f3766
commit c45f238ce7
4 changed files with 97 additions and 0 deletions
--- a/clusters/default/tools/pihole/pihole.yml
+++ b/clusters/default/tools/pihole/pihole.yml
@@ -0,0 +1,54 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: pihole
+  namespace: tools
+spec:
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: pihole
+  template:
+    metadata:
+      labels:
+        app: pihole
+    spec:
+      hostNetwork: true
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: kubernetes.io/hostname
+                operator: In
+                values:
+                - kube-02
+                - kube-03
+                - kube-04
+                - kube-05
+      containers:
+      - name: pihole
+        image: pihole/pihole@sha256:90a1412b3d3037d1c22131402bde19180d898255b584d685c84d943cf9c14821
+        securityContext:
+          capabilities:
+            add:
+            - NET_ADMIN
+        env:
+        - name: TZ
+          value: "Asia/Kolkata"
+        - name: FTLCONF_dns_listeningMode
+          value: "all"
+        - name: FTLCONF_webserver_api_password
+          valueFrom:
+            secretKeyRef:
+              name: pihole-secrets
+              key: api_password
+        volumeMounts:
+        - name: pihole-data
+          mountPath: /etc/pihole
+      volumes:
+      - name: pihole-data
+        persistentVolumeClaim:
+          claimName: pihole-longhorn