---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: pihole-backup
  namespace: tools
spec:
  selector:
    matchLabels:
      app: pihole
  template:
    metadata:
      labels:
        app: pihole
    spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet

      initContainers:
      - name: init-keepalived
        image: osixia/keepalived:2.0.20
        command:
          - sh
          - -c
          - |
            cp -r /container/service/keepalived/assets/* /etc/keepalived/
            cp /config/keepalived.conf /etc/keepalived/keepalived.conf
        volumeMounts:
          - name: keepalived-config
            mountPath: /config
          - name: keepalived-runtime
            mountPath: /etc/keepalived

      containers:
      - name: pihole
        image: pihole/pihole:latest
        securityContext:
          capabilities:
            add: ["NET_ADMIN"]
        env:
          - name: TZ
            value: "Asia/Kolkata"
          - name: FTLCONF_webserver_api_password
            valueFrom:
              secretKeyRef:
                name: pihole-webpassword
                key: password
        ports:
          - containerPort: 53
            protocol: UDP
          - containerPort: 53
            protocol: TCP
          - containerPort: 67
            protocol: UDP
          - containerPort: 80
            protocol: TCP
        volumeMounts:
          - name: pihole-data
            mountPath: /etc/pihole

      - name: keepalived
        image: osixia/keepalived:2.0.20
        securityContext:
          capabilities:
            add: ["NET_ADMIN", "NET_BROADCAST", "NET_RAW"]

        volumeMounts:
          - name: keepalived-runtime
            mountPath: /container/service/keepalived/assets

      volumes:
      - name: keepalived-config
        configMap:
          name: keepalived-config

      - name: keepalived-runtime
        emptyDir: {}

      - name: pihole-data
        persistentVolumeClaim:
          claimName: pihole-longhorn