initial migration

2023-10-05 14:34:37 +02:00
parent 5cb41fd5e4
commit 41f0153fd0
145 changed files with 17441 additions and 0 deletions
--- a/unused/pihole.values.yml
+++ b/unused/pihole.values.yml
@@ -0,0 +1,397 @@
+# Default values for pihole.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# -- The number of replicas
+replicaCount: 1
+
+# -- The `spec.strategyTpye` for updates
+strategyType: RollingUpdate
+
+# -- The maximum number of Pods that can be created over the desired number of `ReplicaSet` during updating.
+maxSurge: 1
+
+# -- The maximum number of Pods that can be unavailable during updating
+maxUnavailable: 1
+
+image:
+  # -- the repostory to pull the image from
+  repository: "pihole/pihole"
+  # -- the docker tag, if left empty it will get it from the chart's appVersion
+  tag: ""
+  # -- the pull policy
+  pullPolicy: IfNotPresent
+
+dualStack:
+  # -- set this to true to enable creation of DualStack services or creation of separate IPv6 services if `serviceDns.type` is set to `"LoadBalancer"`
+  enabled: false
+
+dnsHostPort:
+  # -- set this to true to enable dnsHostPort
+  enabled: false
+  # -- default port for this pod
+  port: 53
+
+# -- Configuration for the DNS service on port 53
+serviceDns:
+
+  # -- deploys a mixed (TCP + UDP) Service instead of separate ones
+  mixedService: false
+
+  # -- `spec.type` for the DNS Service
+  type: LoadBalancer
+
+  # -- The port of the DNS service
+  port: 53
+
+  # -- Optional node port for the DNS service
+  nodePort: ""
+
+  # -- `spec.externalTrafficPolicy` for the DHCP Service
+  externalTrafficPolicy: Local
+
+  # -- A fixed `spec.loadBalancerIP` for the DNS Service
+  loadBalancerIP: 192.168.1.3
+  # -- A fixed `spec.loadBalancerIP` for the IPv6 DNS Service
+  loadBalancerIPv6: ""
+
+  # -- Annotations for the DNS service
+  annotations: 
+    # metallb.universe.tf/address-pool: network-services
+    metallb.universe.tf/allow-shared-ip: pihole-svc
+
+# -- Configuration for the DHCP service on port 67
+serviceDhcp:
+
+  # -- Generate a Service resource for DHCP traffic
+  enabled: false
+
+  # -- `spec.type` for the DHCP Service
+  type: NodePort
+
+  # -- `spec.externalTrafficPolicy` for the DHCP Service
+  externalTrafficPolicy: Local
+
+  # -- A fixed `spec.loadBalancerIP` for the DHCP Service
+  loadBalancerIP: ""
+  # -- A fixed `spec.loadBalancerIP` for the IPv6 DHCP Service
+  loadBalancerIPv6: ""
+
+  # -- Annotations for the DHCP service
+  annotations: {}
+    # metallb.universe.tf/address-pool: network-services
+    # metallb.universe.tf/allow-shared-ip: pihole-svc
+
+# -- Configuration for the web interface service
+serviceWeb:
+  # -- Configuration for the HTTP web interface listener
+  http:
+
+    # -- Generate a service for HTTP traffic
+    enabled: true
+
+    # -- The port of the web HTTP service
+    port: 80
+
+  # -- Configuration for the HTTPS web interface listener
+  https:
+    # -- Generate a service for HTTPS traffic
+    enabled: true
+
+    # -- The port of the web HTTPS service
+    port: 443
+
+  # -- `spec.type` for the web interface Service
+  type: ClusterIP
+
+  # -- `spec.externalTrafficPolicy` for the web interface Service
+  externalTrafficPolicy: Local
+
+  # -- A fixed `spec.loadBalancerIP` for the web interface Service
+  loadBalancerIP: ""
+  # -- A fixed `spec.loadBalancerIP` for the IPv6 web interface Service
+  loadBalancerIPv6: ""
+
+  # -- Annotations for the DHCP service
+  annotations: {}
+    # metallb.universe.tf/address-pool: network-services
+    # metallb.universe.tf/allow-shared-ip: pihole-svc
+
+virtualHost: pi.hole
+
+# -- Configuration for the Ingress
+ingress:
+  # -- Generate a Ingress resource
+  enabled: false # DONE EXTERNALLY
+
+  # -- Specify an ingressClassName
+  # ingressClassName: nginx
+
+  # -- Annotations for the ingress
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  path: /
+  hosts:
+    # virtualHost (default value is pi.hole) will be appended to the hosts
+    - chart-example.local
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #     #- virtualHost (default value is pi.hole) will be appended to the hosts
+  #      - chart-example.local
+
+# -- Probes configuration
+probes:
+  # -- probes.liveness -- Configure the healthcheck for the ingress controller
+  liveness:
+    # -- Generate a liveness probe
+    enabled: true
+    initialDelaySeconds: 60
+    failureThreshold: 10
+    timeoutSeconds: 5
+  readiness:
+    # -- Generate a readiness probe
+    enabled: true
+    initialDelaySeconds: 60
+    failureThreshold: 3
+    timeoutSeconds: 5
+
+# -- We usually recommend not to specify default resources and to leave this as a conscious
+# -- choice for the user. This also increases chances charts run on environments with little
+# -- resources, such as Minikube. If you do want to specify resources, uncomment the following
+# -- lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+resources: {}
+  # limits:
+  #  cpu: 100m
+  #  memory: 128Mi
+  # requests:
+  #  cpu: 100m
+  #  memory: 128Mi
+
+# -- `spec.PersitentVolumeClaim` configuration
+persistentVolumeClaim:
+  # -- set to true to use pvc
+  enabled: true
+
+  # -- specify an existing `PersistentVolumeClaim` to use
+  existingClaim: "pihole-nfs"
+
+  # -- Annotations for the `PersitentVolumeClaim`
+  annotations: {}
+
+  accessModes:
+    - ReadWriteOnce
+
+  size: "500Mi"
+
+  ## If defined, storageClassName: <storageClass>
+  ## If set to "-", storageClassName: "", which disables dynamic provisioning
+  ## If undefined (the default) or set to null, no storageClassName spec is
+  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
+  ##   GKE, AWS & OpenStack)
+  ##
+  # storageClass: "-"
+
+  ## If subPath is set mount a sub folder of a volume instead of the root of the volume.
+  ## This is especially handy for volume plugins that don't natively support sub mounting (like glusterfs).
+
+  ## subPath: "pihole"
+
+nodeSelector: {}
+
+tolerations: []
+
+# -- Specify a priorityClassName
+# priorityClassName: ""
+
+# Reference: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+topologySpreadConstraints: []
+# - maxSkew: <integer>
+#   topologyKey: <string>
+#   whenUnsatisfiable: <string>
+#   labelSelector: <object>
+
+affinity: {}
+
+# -- Administrator password when not using an existing secret (see below)
+adminPassword: "admin"
+
+# -- Use an existing secret for the admin password.
+admin:
+  # -- Specify an existing secret to use as admin password
+  existingSecret: ""
+  # -- Specify the key inside the secret to use
+  passwordKey: ""
+
+# -- extraEnvironmentVars is a list of extra enviroment variables to set for pihole to use
+extraEnvVars: {}
+  # TZ: UTC
+
+# -- extraEnvVarsSecret is a list of secrets to load in as environment variables.
+extraEnvVarsSecret: {}
+  # env_var:
+  #   name: secret-name
+  #   key: secret-key
+
+# -- default upstream DNS 1 server to use
+DNS1: "8.8.8.8"
+# -- default upstream DNS 2 server to use
+DNS2: "8.8.4.4"
+
+antiaff:
+  # -- set to true to enable antiaffinity (example: 2 pihole DNS in the same cluster)
+  enabled: false
+  # -- Here you can set the pihole release (you set in `helm install <releasename> ...`)
+  # you want to avoid
+  avoidRelease: pihole1
+  # -- Here you can choose between preferred or required
+  strict: true
+
+doh:
+  # -- set to true to enabled DNS over HTTPs via cloudflared
+  enabled: false
+  name: "cloudflared"
+  repository: "crazymax/cloudflared"
+  tag: latest
+  pullPolicy: IfNotPresent
+  # -- Here you can pass environment variables to the DoH container, for example:
+  envVars: {}
+    # TUNNEL_DNS_UPSTREAM: "https://1.1.1.2/dns-query,https://1.0.0.2/dns-query"
+
+  # -- Probes configuration
+  probes:
+    # -- Configure the healthcheck for the doh container
+    liveness:
+      # -- set to true to enable liveness probe
+      enabled: true
+      # -- defines the initial delay for the liveness probe
+      initialDelaySeconds: 60
+      # -- defines the failure threshold for the liveness probe
+      failureThreshold: 10
+      # -- defines the timeout in secondes for the liveness probe
+      timeoutSeconds: 5
+
+dnsmasq:
+  # -- Add upstream dns servers. All lines will be added to the pihole dnsmasq configuration
+  upstreamServers: []
+  # - server=/foo.bar/192.168.178.10
+  # - server=/bar.foo/192.168.178.11
+
+  # -- Add custom dns entries to override the dns resolution. All lines will be added to the pihole dnsmasq configuration.
+  customDnsEntries: []
+  # - address=/foo.bar/192.168.178.10
+  # - address=/bar.foo/192.168.178.11
+
+  # -- Dnsmasq reads the /etc/hosts file to resolve ips. You can add additional entries if you like
+  additionalHostsEntries: []
+  # - 192.168.0.3     host4
+  # - 192.168.0.4     host5
+
+  # -- Static DHCP config
+  staticDhcpEntries: []
+  # staticDhcpEntries:
+  # - dhcp-host=MAC_ADDRESS,IP_ADDRESS,HOSTNAME
+
+  # -- Other options
+  customSettings:
+  # otherSettings:
+  # - rebind-domain-ok=/plex.direct/
+
+  # -- Here we specify custom cname entries that should point to `A` records or
+  # elements in customDnsEntries array.
+  # The format should be:
+  #  - cname=cname.foo.bar,foo.bar
+  #  - cname=cname.bar.foo,bar.foo
+  #  - cname=cname record,dns record
+  customCnameEntries: []
+  # Here we specify custom cname entries that should point to `A` records or
+  # elements in customDnsEntries array.
+  # The format should be:
+  #   - cname=cname.foo.bar,foo.bar
+  #   - cname=cname.bar.foo,bar.foo
+  #   - cname=cname record,dns record
+
+# -- list of adlists to import during initial start of the container
+adlists: {}
+  # If you want to provide blocklists, add them here.
+  # - https://hosts-file.net/grm.txt
+  # - https://reddestdream.github.io/Projects/MinimalHosts/etc/MinimalHostsBlocker/minimalhosts
+
+# -- list of whitelisted domains to import during initial start of the container
+whitelist: {}
+  # If you want to provide whitelisted domains, add them here.
+  # - clients4.google.com
+
+# -- list of blacklisted domains to import during initial start of the container
+blacklist: {}
+  # If you want to have special domains blacklisted, add them here
+  # - *.blackist.com
+
+# -- list of blacklisted regex expressions to import during initial start of the container
+regex: {}
+  # Add regular expression blacklist items
+  # - (^|\.)facebook\.com$
+
+# -- values that should be added to pihole-FTL.conf
+ftl: {}
+  # Add values for pihole-FTL.conf
+  # MAXDBDAYS: 14
+
+# -- port the container should use to expose HTTP traffic
+webHttp: "80"
+
+# -- port the container should use to expose HTTPS traffic
+webHttps: "443"
+
+# -- hostname of pod
+hostname: ""
+
+# -- should the container use host network
+hostNetwork: "false"
+
+# -- should container run in privileged mode
+privileged: "false"
+
+customVolumes:
+  # -- set this to true to enable custom volumes
+  enabled: false
+  # -- any volume type can be used here
+  config: {}
+    # hostPath:
+    #   path: "/mnt/data"
+
+# -- Additional annotations for pods
+podAnnotations: {}
+  # Example below allows Prometheus to scape on metric port (requires pihole-exporter sidecar enabled)
+  # prometheus.io/port: '9617'
+  # prometheus.io/scrape: 'true'
+
+monitoring:
+  # -- Preferably adding prometheus scrape annotations rather than enabling podMonitor.
+  podMonitor:
+    # -- set this to true to enable podMonitor
+    enabled: false
+  # -- Sidecar configuration
+  sidecar:
+    # -- set this to true to enable podMonitor as sidecar
+    enabled: false
+    port: 9617
+    image:
+      repository: ekofr/pihole-exporter
+      tag: 0.0.10
+      pullPolicy: IfNotPresent
+    resources:
+      limits:
+        memory: 128Mi
+      # requests:
+      #  cpu: 100m
+      #  memory: 128Mi
+
+podDnsConfig:
+  enabled: true
+  policy: "None"
+  nameservers:
+  - 127.0.0.1
+  - 8.8.8.8
+