# Default values for pihole. # This is a YAML-formatted file. # Declare variables to be passed into your templates. # -- The number of replicas replicaCount: 1 # -- The `spec.strategyTpye` for updates strategyType: RollingUpdate # -- The maximum number of Pods that can be created over the desired number of `ReplicaSet` during updating. maxSurge: 1 # -- The maximum number of Pods that can be unavailable during updating maxUnavailable: 1 image: # -- the repostory to pull the image from repository: "pihole/pihole" # -- the docker tag, if left empty it will get it from the chart's appVersion tag: "" # -- the pull policy pullPolicy: IfNotPresent dualStack: # -- set this to true to enable creation of DualStack services or creation of separate IPv6 services if `serviceDns.type` is set to `"LoadBalancer"` enabled: false dnsHostPort: # -- set this to true to enable dnsHostPort enabled: false # -- default port for this pod port: 53 # -- Configuration for the DNS service on port 53 serviceDns: # -- deploys a mixed (TCP + UDP) Service instead of separate ones mixedService: false # -- `spec.type` for the DNS Service type: LoadBalancer # -- The port of the DNS service port: 53 # -- Optional node port for the DNS service nodePort: "" # -- `spec.externalTrafficPolicy` for the DHCP Service externalTrafficPolicy: Local # -- A fixed `spec.loadBalancerIP` for the DNS Service loadBalancerIP: 192.168.1.3 # -- A fixed `spec.loadBalancerIP` for the IPv6 DNS Service loadBalancerIPv6: "" # -- Annotations for the DNS service annotations: # metallb.universe.tf/address-pool: network-services metallb.universe.tf/allow-shared-ip: pihole-svc # -- Configuration for the DHCP service on port 67 serviceDhcp: # -- Generate a Service resource for DHCP traffic enabled: false # -- `spec.type` for the DHCP Service type: NodePort # -- `spec.externalTrafficPolicy` for the DHCP Service externalTrafficPolicy: Local # -- A fixed `spec.loadBalancerIP` for the DHCP Service loadBalancerIP: "" # -- A fixed `spec.loadBalancerIP` for the IPv6 DHCP Service loadBalancerIPv6: "" # -- Annotations for the DHCP service annotations: {} # metallb.universe.tf/address-pool: network-services # metallb.universe.tf/allow-shared-ip: pihole-svc # -- Configuration for the web interface service serviceWeb: # -- Configuration for the HTTP web interface listener http: # -- Generate a service for HTTP traffic enabled: true # -- The port of the web HTTP service port: 80 # -- Configuration for the HTTPS web interface listener https: # -- Generate a service for HTTPS traffic enabled: true # -- The port of the web HTTPS service port: 443 # -- `spec.type` for the web interface Service type: ClusterIP # -- `spec.externalTrafficPolicy` for the web interface Service externalTrafficPolicy: Local # -- A fixed `spec.loadBalancerIP` for the web interface Service loadBalancerIP: "" # -- A fixed `spec.loadBalancerIP` for the IPv6 web interface Service loadBalancerIPv6: "" # -- Annotations for the DHCP service annotations: {} # metallb.universe.tf/address-pool: network-services # metallb.universe.tf/allow-shared-ip: pihole-svc virtualHost: pi.hole # -- Configuration for the Ingress ingress: # -- Generate a Ingress resource enabled: false # DONE EXTERNALLY # -- Specify an ingressClassName # ingressClassName: nginx # -- Annotations for the ingress annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" path: / hosts: # virtualHost (default value is pi.hole) will be appended to the hosts - chart-example.local tls: [] # - secretName: chart-example-tls # hosts: # #- virtualHost (default value is pi.hole) will be appended to the hosts # - chart-example.local # -- Probes configuration probes: # -- probes.liveness -- Configure the healthcheck for the ingress controller liveness: # -- Generate a liveness probe enabled: true initialDelaySeconds: 60 failureThreshold: 10 timeoutSeconds: 5 readiness: # -- Generate a readiness probe enabled: true initialDelaySeconds: 60 failureThreshold: 3 timeoutSeconds: 5 # -- We usually recommend not to specify default resources and to leave this as a conscious # -- choice for the user. This also increases chances charts run on environments with little # -- resources, such as Minikube. If you do want to specify resources, uncomment the following # -- lines, adjust them as necessary, and remove the curly braces after 'resources:'. resources: {} # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi # -- `spec.PersitentVolumeClaim` configuration persistentVolumeClaim: # -- set to true to use pvc enabled: true # -- specify an existing `PersistentVolumeClaim` to use existingClaim: "pihole-nfs" # -- Annotations for the `PersitentVolumeClaim` annotations: {} accessModes: - ReadWriteOnce size: "500Mi" ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## # storageClass: "-" ## If subPath is set mount a sub folder of a volume instead of the root of the volume. ## This is especially handy for volume plugins that don't natively support sub mounting (like glusterfs). ## subPath: "pihole" nodeSelector: {} tolerations: [] # -- Specify a priorityClassName # priorityClassName: "" # Reference: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: [] # - maxSkew: # topologyKey: # whenUnsatisfiable: # labelSelector: affinity: {} # -- Administrator password when not using an existing secret (see below) adminPassword: "admin" # -- Use an existing secret for the admin password. admin: # -- Specify an existing secret to use as admin password existingSecret: "" # -- Specify the key inside the secret to use passwordKey: "" # -- extraEnvironmentVars is a list of extra enviroment variables to set for pihole to use extraEnvVars: {} # TZ: UTC # -- extraEnvVarsSecret is a list of secrets to load in as environment variables. extraEnvVarsSecret: {} # env_var: # name: secret-name # key: secret-key # -- default upstream DNS 1 server to use DNS1: "8.8.8.8" # -- default upstream DNS 2 server to use DNS2: "8.8.4.4" antiaff: # -- set to true to enable antiaffinity (example: 2 pihole DNS in the same cluster) enabled: false # -- Here you can set the pihole release (you set in `helm install ...`) # you want to avoid avoidRelease: pihole1 # -- Here you can choose between preferred or required strict: true doh: # -- set to true to enabled DNS over HTTPs via cloudflared enabled: false name: "cloudflared" repository: "crazymax/cloudflared" tag: latest pullPolicy: IfNotPresent # -- Here you can pass environment variables to the DoH container, for example: envVars: {} # TUNNEL_DNS_UPSTREAM: "https://1.1.1.2/dns-query,https://1.0.0.2/dns-query" # -- Probes configuration probes: # -- Configure the healthcheck for the doh container liveness: # -- set to true to enable liveness probe enabled: true # -- defines the initial delay for the liveness probe initialDelaySeconds: 60 # -- defines the failure threshold for the liveness probe failureThreshold: 10 # -- defines the timeout in secondes for the liveness probe timeoutSeconds: 5 dnsmasq: # -- Add upstream dns servers. All lines will be added to the pihole dnsmasq configuration upstreamServers: [] # - server=/foo.bar/192.168.178.10 # - server=/bar.foo/192.168.178.11 # -- Add custom dns entries to override the dns resolution. All lines will be added to the pihole dnsmasq configuration. customDnsEntries: [] # - address=/foo.bar/192.168.178.10 # - address=/bar.foo/192.168.178.11 # -- Dnsmasq reads the /etc/hosts file to resolve ips. You can add additional entries if you like additionalHostsEntries: [] # - 192.168.0.3 host4 # - 192.168.0.4 host5 # -- Static DHCP config staticDhcpEntries: [] # staticDhcpEntries: # - dhcp-host=MAC_ADDRESS,IP_ADDRESS,HOSTNAME # -- Other options customSettings: # otherSettings: # - rebind-domain-ok=/plex.direct/ # -- Here we specify custom cname entries that should point to `A` records or # elements in customDnsEntries array. # The format should be: # - cname=cname.foo.bar,foo.bar # - cname=cname.bar.foo,bar.foo # - cname=cname record,dns record customCnameEntries: [] # Here we specify custom cname entries that should point to `A` records or # elements in customDnsEntries array. # The format should be: # - cname=cname.foo.bar,foo.bar # - cname=cname.bar.foo,bar.foo # - cname=cname record,dns record # -- list of adlists to import during initial start of the container adlists: {} # If you want to provide blocklists, add them here. # - https://hosts-file.net/grm.txt # - https://reddestdream.github.io/Projects/MinimalHosts/etc/MinimalHostsBlocker/minimalhosts # -- list of whitelisted domains to import during initial start of the container whitelist: {} # If you want to provide whitelisted domains, add them here. # - clients4.google.com # -- list of blacklisted domains to import during initial start of the container blacklist: {} # If you want to have special domains blacklisted, add them here # - *.blackist.com # -- list of blacklisted regex expressions to import during initial start of the container regex: {} # Add regular expression blacklist items # - (^|\.)facebook\.com$ # -- values that should be added to pihole-FTL.conf ftl: {} # Add values for pihole-FTL.conf # MAXDBDAYS: 14 # -- port the container should use to expose HTTP traffic webHttp: "80" # -- port the container should use to expose HTTPS traffic webHttps: "443" # -- hostname of pod hostname: "" # -- should the container use host network hostNetwork: "false" # -- should container run in privileged mode privileged: "false" customVolumes: # -- set this to true to enable custom volumes enabled: false # -- any volume type can be used here config: {} # hostPath: # path: "/mnt/data" # -- Additional annotations for pods podAnnotations: {} # Example below allows Prometheus to scape on metric port (requires pihole-exporter sidecar enabled) # prometheus.io/port: '9617' # prometheus.io/scrape: 'true' monitoring: # -- Preferably adding prometheus scrape annotations rather than enabling podMonitor. podMonitor: # -- set this to true to enable podMonitor enabled: false # -- Sidecar configuration sidecar: # -- set this to true to enable podMonitor as sidecar enabled: false port: 9617 image: repository: ekofr/pihole-exporter tag: 0.0.10 pullPolicy: IfNotPresent resources: limits: memory: 128Mi # requests: # cpu: 100m # memory: 128Mi podDnsConfig: enabled: true policy: "None" nameservers: - 127.0.0.1 - 8.8.8.8