---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pihole
  namespace: default
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: pihole
  template:
    metadata:
      labels:
        app: pihole
    spec:
      hostNetwork: true
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/hostname
                operator: In
                values:
                - kube-02
                - kube-03
                - kube-04
                - kube-05
      containers:
      - name: pihole
        image: pihole/pihole@sha256:90a1412b3d3037d1c22131402bde19180d898255b584d685c84d943cf9c14821
        securityContext:
          capabilities:
            add:
            - NET_ADMIN
        env:
        - name: TZ
          value: "Asia/Kolkata"
        - name: FTLCONF_dns_listeningMode
          value: "all"
        - name: FTLCONF_webserver_api_password
          valueFrom:
            secretKeyRef:
              name: pihole-secrets
              key: api_password
        volumeMounts:
        - name: pihole-data
          mountPath: /etc/pihole
      volumes:
      - name: pihole-data
        persistentVolumeClaim:
          claimName: pihole-ceph