tuananh/configmap.yaml

## configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
    name: pihole-config
data:
    WEBPASSWORD: pihole
    TZ: 'Asia/Ho_Chi_Minh'
    DNS1: 1.1.1.1
    DNS2: 1.0.0.1

## deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
    labels:
        app: pihole
    name: pihole
    namespace: default
spec:
    selector:
        matchLabels:
            app: pihole
    template:
        metadata:
            labels:
                app: pihole
        spec:
            containers:
                - image: pihole/pihole:v5.0
                  imagePullPolicy: IfNotPresent
                  name: pihole
                  env:
                      - name: WEBPASSWORD
                        valueFrom:
                            secretKeyRef:
                                name: pihole-secret
                                key: WEBPASSWORD
                      - name: TZ
                        valueFrom:
                            configMapKeyRef:
                                name: pihole-config
                                key: TZ
                      - name: DNS1
                        valueFrom:
                            configMapKeyRef:
                                name: pihole-config
                                key: DNS1
                      - name: DNS2
                        valueFrom:
                            configMapKeyRef:
                                name: pihole-config
                                key: DNS2
                  volumeMounts:
                      - name: pihole-pvc
                        mountPath: '/etc/pihole'
                      - name: dnsmasq-pvc
                        mountPath: '/etc/dnsmasq.d'
            restartPolicy: Always
            volumes:
                - name: pihole-pvc
                  persistentVolumeClaim:
                      claimName: pihole-pvc
                - name: dnsmasq-pvc
                  persistentVolumeClaim:
                      claimName: dnsmasq-pvc

## pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
    name: pihole-pvc
    annotations:
        volume.beta.kubernetes.io/storage-class: 'nfs-client'
spec:
    accessModes:
        - ReadWriteMany
    resources:
        requests:
            storage: 1Gi
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
    name: dnsmasq-pvc
    annotations:
        volume.beta.kubernetes.io/storage-class: 'nfs-client'
spec:
    accessModes:
        - ReadWriteMany
    resources:
        requests:
            storage: 100Mi

## secret.yaml
apiVersion: v1
kind: Secret
metadata:
    name: pihole-secret
type: Opaque
data:
    # echo -n 'pihole' | base64
    WEBPASSWORD: cGlob2xl

## svc.yaml
apiVersion: v1
kind: Service
metadata:
    name: pihole-tcp
    annotations:
        metallb.universe.tf/address-pool: default
        metallb.universe.tf/allow-shared-ip: pihole-svc
spec:
    externalTrafficPolicy: Local
    loadBalancerIP: 10.0.20.3
    ports:
        # pihole use Ports to expose (53, 80, 67, 443), the bare minimum ports required for Pi-holes HTTP and DNS services
        - port: 80
          targetPort: 80
          name: port80
          protocol: TCP
        - port: 443
          targetPort: 443
          name: port443
          protocol: TCP
        - port: 53
          targetPort: 53
          protocol: TCP
          name: port53
    selector:
        app: pihole
    type: LoadBalancer
---
apiVersion: v1
kind: Service
metadata:
    name: pihole-udp
    annotations:
        metallb.universe.tf/address-pool: default
        metallb.universe.tf/allow-shared-ip: pihole-svc
spec:
    externalTrafficPolicy: Local
    loadBalancerIP: 10.0.20.3
    ports:
        - port: 53
          targetPort: 53
          protocol: UDP
          name: port53-udp
        - port: 67
          targetPort: 67
          protocol: UDP
          name: port67-udp
    selector:
        app: pihole
    type: LoadBalancer
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: pihole-config
	data:
	WEBPASSWORD: pihole
	TZ: 'Asia/Ho_Chi_Minh'
	DNS1: 1.1.1.1
	DNS2: 1.0.0.1
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	labels:
	app: pihole
	name: pihole
	namespace: default
	spec:
	selector:
	matchLabels:
	app: pihole
	template:
	metadata:
	labels:
	app: pihole
	spec:
	containers:
	- image: pihole/pihole:v5.0
	imagePullPolicy: IfNotPresent
	name: pihole
	env:
	- name: WEBPASSWORD
	valueFrom:
	secretKeyRef:
	name: pihole-secret
	key: WEBPASSWORD
	- name: TZ
	valueFrom:
	configMapKeyRef:
	name: pihole-config
	key: TZ
	- name: DNS1
	valueFrom:
	configMapKeyRef:
	name: pihole-config
	key: DNS1
	- name: DNS2
	valueFrom:
	configMapKeyRef:
	name: pihole-config
	key: DNS2
	volumeMounts:
	- name: pihole-pvc
	mountPath: '/etc/pihole'
	- name: dnsmasq-pvc
	mountPath: '/etc/dnsmasq.d'
	restartPolicy: Always
	volumes:
	- name: pihole-pvc
	persistentVolumeClaim:
	claimName: pihole-pvc
	- name: dnsmasq-pvc
	persistentVolumeClaim:
	claimName: dnsmasq-pvc
	kind: PersistentVolumeClaim
	apiVersion: v1
	metadata:
	name: pihole-pvc
	annotations:
	volume.beta.kubernetes.io/storage-class: 'nfs-client'
	spec:
	accessModes:
	- ReadWriteMany
	resources:
	requests:
	storage: 1Gi
	---
	kind: PersistentVolumeClaim
	apiVersion: v1
	metadata:
	name: dnsmasq-pvc
	annotations:
	volume.beta.kubernetes.io/storage-class: 'nfs-client'
	spec:
	accessModes:
	- ReadWriteMany
	resources:
	requests:
	storage: 100Mi
	apiVersion: v1
	kind: Secret
	metadata:
	name: pihole-secret
	type: Opaque
	data:
	# echo -n 'pihole' \| base64
	WEBPASSWORD: cGlob2xl
	apiVersion: v1
	kind: Service
	metadata:
	name: pihole-tcp
	annotations:
	metallb.universe.tf/address-pool: default
	metallb.universe.tf/allow-shared-ip: pihole-svc
	spec:
	externalTrafficPolicy: Local
	loadBalancerIP: 10.0.20.3
	ports:
	# pihole use Ports to expose (53, 80, 67, 443), the bare minimum ports required for Pi-holes HTTP and DNS services
	- port: 80
	targetPort: 80
	name: port80
	protocol: TCP
	- port: 443
	targetPort: 443
	name: port443
	protocol: TCP
	- port: 53
	targetPort: 53
	protocol: TCP
	name: port53
	selector:
	app: pihole
	type: LoadBalancer
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: pihole-udp
	annotations:
	metallb.universe.tf/address-pool: default
	metallb.universe.tf/allow-shared-ip: pihole-svc
	spec:
	externalTrafficPolicy: Local
	loadBalancerIP: 10.0.20.3
	ports:
	- port: 53
	targetPort: 53
	protocol: UDP
	name: port53-udp
	- port: 67
	targetPort: 67
	protocol: UDP
	name: port67-udp
	selector:
	app: pihole
	type: LoadBalancer