core services

helm/helmfile.yaml

@@ -0,0 +1,48 @@
+repositories:
+  - name: longhorn
+    url: https://charts.longhorn.io
+  - name: metallb
+    url: https://metallb.github.io/metallb
+  - name: mojo2600
+    url: https://mojo2600.github.io/pihole-kubernetes
+  - name: ingress-nginx
+    url: https://kubernetes.github.io/ingress-nginx
+  - name: bitnami
+    url: https://charts.bitnami.com/bitnami
+---
+releases:
+  # Distributed Storage
+  - name: longhorn
+    namespace: longhorn-system
+    chart: longhorn/longhorn
+    version: 1.7.0
+
+  # Load Balancer
+  - name: metallb
+    namespace: metallb-system
+    chart: metallb/metallb
+    version: 0.14.8
+
+  # pihole
+  - name: pihole
+    namespace: pihole-system
+    chart: mojo2600/pihole
+    version: 2.26.1
+    values:
+      - ./values/pihole.values.yaml
+
+  # Ingress for local network
+  - name: ingress-nginx-internal
+    namespace: nginx-system
+    chart: ingress-nginx/ingress-nginx
+    version: 4.10.1
+    values:
+      - ./values/nginx-internal.values.yaml
+
+  # Automatic DNS for pihole
+  - name: externaldns-pihole
+    namespace: pihole-system
+    chart: bitnami/external-dns
+    version: 8.3.4
+    values:
+      - ./values/externaldns.values.yaml

helm/values/externaldns.values.yaml

@@ -0,0 +1,16 @@
+provider: pihole
+policy: upsert-only
+txtOwnerId: "homelab"
+pihole:
+  server: http://pihole-web.pihole-system.svc.cluster.local
+extraEnvVars:
+  - name: EXTERNAL_DNS_PIHOLE_PASSWORD
+    valueFrom:
+      secretKeyRef:
+        name: pihole-password
+        key: password
+serviceAccount:
+  create: true
+  name: "external-dns"
+ingressClassFilters:
+  - nginx-internal

helm/values/nginx-internal.values.yaml

@@ -0,0 +1,17 @@
+controller:
+  ingressClassResource:
+    # -- Name of the ingressClass
+    name: nginx-internal
+    # -- Is this ingressClass enabled or not
+    enabled: true
+    # -- Is this the default ingressClass for the cluster
+    default: true
+    # -- Controller-value of the controller that is processing this ingressClass
+    controllerValue: "k8s.io/ingress-nginx"
+    # -- Parameters is a link to a custom resource containing additional
+    # configuration for the controller. This is optional if the controller
+    # does not require extra parameters.
+    parameters: {}
+  # -- For backwards compatibility with ingress.class annotation, use ingressClass.
+  # Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation
+  ingressClass: nginx-internal

helm/values/pihole.values.yaml

@@ -0,0 +1,20 @@
+---
+DNS1:
+  192.168.0.1
+persistentVolumeClaim:
+  enabled: true
+ingress:
+  enabled: true
+  hosts:
+    - "pihole.home"
+serviceWeb:
+  loadBalancerIP: 192.168.0.250
+  annotations:
+    metallb.universe.tf/allow-shared-ip: pihole-svc
+  type: LoadBalancer
+serviceDns:
+  loadBalancerIP: 192.168.0.250
+  annotations:
+    metallb.universe.tf/allow-shared-ip: pihole-svc
+  type: LoadBalancer
+replicaCount: 1

kustomize/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+commonLabels:
+  app.kubernetes.io/managed-by: Kustomize
+resources:
+  - ./metallb/pool.yaml

kustomize/metallb/pool.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+  name: pool
+  namespace: metallb-system
+spec:
+  addresses:
+    - 192.168.0.192/26
+---
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+  name: pool
+  namespace: metallb-system
+spec:
+  ipAddressPools:
+    - pool