-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpihole-butane.yaml
126 lines (124 loc) · 3.67 KB
/
pihole-butane.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
---
variant: fcos
version: 1.4.0
passwd:
users:
# Default FCOS user
- name: core
ssh_authorized_keys:
# You'll want to add your public SSH key here if you'd like to SSH into your finalized machine.
# - <YOUR SSH PUBLIC KEY HERE>
systemd:
units:
- name: rpm-ostree-countme.timer
enabled: false
mask: true
# Disable systemd-resolved since we need port 53 for pi-hole.
- name: systemd-resolved.service
enabled: false
mask: true
# Configures Pi-Hole to run as a podman pod.
# See: https://www.redhat.com/sysadmin/podman-run-pods-systemd-services
- name: pi-hole.service
enabled: true
contents: |
[Unit]
Description=Pi-Hole Podman Container
Wants=network-online.target
After=network-online.target
After=firewalld.service
[Service]
ExecStart=podman play kube /etc/pi-hole.d/pihole-pod.yaml
ExecStop=podman play kube --down /etc/pi-hole.d/pihole-pod.yaml
Type=forking
[Install]
WantedBy=multi-user.target
storage:
files:
- path: /etc/pi-hole.d/pihole-pod.yaml
contents:
# Note: This Kubernetes Pod Spec is inlined as text in this file.
# This replaces the docker-compose.yml file described in https://github.com/pi-hole/docker-pi-hole
inline: |
---
apiVersion: v1
kind: Pod
metadata:
labels:
app: pihole
name: pihole
spec:
containers:
- image: docker.io/pihole/pihole:latest
name: pihole-server
# See: https://github.com/pi-hole/docker-pi-hole for full list of available env vars and config options.
env:
- name: DHCP_ACTIVE
value: "false"
- name: DNSSEC
value: "true"
- name: PIHOLE_DNS_
value: "1.1.1.1;1.0.0.1"
- name: TEMPERATUREUNIT
value: f
- name: TZ
value: America/New_York
- name: WEBPASSWORD
value: ...
- name: WEBTHEME
value: default-dark
ports:
- containerPort: 80
hostPort: 80
- containerPort: 443
hostPort: 443
- containerPort: 67
hostPort: 67
protocol: UDP
- containerPort: 53
hostPort: 53
- containerPort: 53
hostPort: 53
protocol: UDP
volumeMounts:
- mountPath: /etc/dnsmasq.d:Z
name: pihole_dnsmasq-pvc
- mountPath: /etc/pi-hole.d:Z
name: pihole_pihole-pvc
dnsConfig:
nameservers:
- 127.0.0.1
- 1.1.1.1
volumes:
- name: pihole_dnsmasq-pvc
persistentVolumeClaim:
claimName: pihole_dnsmasq
- name: pihole_pihole-pvc
persistentVolumeClaim:
claimName: pihole_pihole
# Set network manager to use default dns
- path: /etc/NetworkManager/NetworkManager.conf
overwrite: true
contents:
inline: |
[main]
dns=default
[logging]
mode: 0644
user:
id: 0
group:
id: 0
# Ensure resolv.conf is a real file, not a symlink
- path: /etc/resolv.conf
overwrite: true
contents:
inline: ""
mode: 0644
user:
id: 0
group:
id: 0
links:
- path: /etc/localtime
target: ../usr/share/zoneinfo/America/New_York