diff --git a/pihole/index.ts b/external-dns/index.ts
similarity index 54%
rename from pihole/index.ts
rename to external-dns/index.ts
index b5dfb25..dec627e 100644
--- a/pihole/index.ts
+++ b/external-dns/index.ts
@@ -3,31 +3,18 @@ import { HelmProvider } from "@cdktf/provider-helm/lib/provider";
 import { Release } from "@cdktf/provider-helm/lib/release";
 import { Construct } from "constructs";
-type PiHoleOptions = {
+type ExternalDNSOptions = {
 provider: HelmProvider;
 name: string;
 namespace: string;
 };
-export class PiHole extends Construct {
- constructor(scope: Construct, id: string, options: PiHoleOptions) {
+export class ExternalDNS extends Construct {
+ constructor(scope: Construct, id: string, options: ExternalDNSOptions) {
 super(scope, id);
- new Release(this, id, {
- ...options,
- repository: "https://mojo2600.github.io/pihole-kubernetes",
- chart: "pihole",
- values: [
- fs.readFileSync("helm/values/pihole.values.yaml", {
- encoding: "utf8",
- }),
- ],
- });
-
 new Release(this, "external-dns", {
- provider: options.provider,
- name: "externaldns-pihole",
- namespace: options.namespace,
+ ...options,
 repository: "oci://registry-1.docker.io/bitnamicharts/",
 chart: "external-dns",
 values: [
diff --git a/helm/values/externaldns.values.yaml b/helm/values/externaldns.values.yaml
index c78d927..f6e5c8e 100644
--- a/helm/values/externaldns.values.yaml
+++ b/helm/values/externaldns.values.yaml
@@ -1,15 +1,25 @@
+global:
+ security:
+ allowInsecureImages: true # needed for ghcr.io images
+image:
+ registry: docker.io
+ repository: bitnamilegacy/external-dns
+ tag: 0.18.0-debian-12-r1
+ pullPolicy: IfNotPresent
 interval: 10s
 provider: pihole
 policy: upsert-only
 txtOwnerId: "homelab"
 pihole:
- server: http://pihole-web
+ server: http://rashid
+nodeSelector:
+ nodepool: worker
 extraEnvVars:
 - name: EXTERNAL_DNS_PIHOLE_PASSWORD
 valueFrom:
 secretKeyRef:
 name: pihole-admin
- key: password
+ key: app-password
 extraArgs:
 pihole-api-version: 6
 serviceAccount:
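Review bot: The `Release` props in external-dns/index.ts name the chart (`chart: "external-dns"` from `oci://registry-1.docker.io/bitnamicharts/`) but show no `version`, and `ExternalDNSOptions` has no field that could carry one. Unless it is set after `values` (the constructor body continues past the end of the hunk), every apply resolves whatever chart version the registry serves at that moment. The values file in this same commit pins the image to one specific `bitnamilegacy` tag, and an unpinned chart can drift away from what that image and the `allowInsecureImages` override were tested with. I would add `version: "<pinned-chart-version>",` next to `chart` and bump it deliberately.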
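Review bot: `global.security.allowInsecureImages: true` switches off the chart's verification that it is running its original images, and the comment `# needed for ghcr.io images` does not match the override right below it, which pulls `docker.io/bitnamilegacy/external-dns`. As far as I know the legacy repository is an archive that receives no further security rebuilds, and the image is pinned only by a mutable tag. I would change the comment to something like `# required because image.repository is overridden to bitnamilegacy/external-dns (archived, unpatched); remove once on a maintained image` and add `digest: sha256:<digest-of-the-verified-image>` under `image`. Separately in this hunk, `server: http://rashid` means the app password read from `pihole-admin` is presumably sent to the Pi-hole API over plain HTTP; if `rashid` is reached across the LAN rather than inside the cluster, an `https://` endpoint would keep that credential out of clear text.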
@@ -18,7 +28,7 @@ serviceAccount:
 ingressClassFilters:
 - nginx-internal
 metrics:
- enabled: true
+ enabled: false
 serviceMonitor:
 enabled: true
 interval: 30s
diff --git a/helm/values/pihole.values.yaml b/helm/values/pihole.values.yaml
deleted file mode 100644
index 55e016c..0000000
--- a/helm/values/pihole.values.yaml
+++ /dev/null
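Review bot: `metrics.enabled: false` leaves `serviceMonitor.enabled: true` directly beneath it, so the file now asks for a ServiceMonitor on a metrics endpoint that is switched off. Depending on how the chart gates that template, this is either dead configuration or a monitor with nothing to scrape. Either way, failed record syncs and rejected Pi-hole logins from external-dns stop being visible in Prometheus. If disabling metrics is intended, set `serviceMonitor.enabled: false` too and add a comment such as `# metrics disabled: <reason>`; otherwise keep `enabled: true`.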
@@ -1,84 +0,0 @@
----
-DNS1:
- 1.1.1.1
-DNS2:
- 1.0.0.1
-admin:
- enabled: true
- existingSecret: pihole-admin
- passwordKey: password
-persistentVolumeClaim:
- enabled: true
- storageClass: longhorn
- size: 10Gi
- accessModes:
- - ReadWriteMany
-ingress:
- enabled: true
- ingressClassName: nginx-internal
- annotations:
- cert-manager.io/cluster-issuer: cloudflare-issuer
- cert-manager.io/acme-challenge-type: dns01
- cert-manager.io/private-key-size: "4096"
- hosts:
- - pihole.dogar.dev
- tls:
- - secretName: pihole-tls
- hosts:
- - pihole.dogar.dev
-serviceWeb:
- annotations:
- metallb.universe.tf/allow-shared-ip: pihole-svc
- type: ClusterIP
- https:
- enabled: false
-serviceDns:
- annotations:
- metallb.universe.tf/allow-shared-ip: pihole-svc
- mixedService: true
- type: LoadBalancer
- loadBalancerIP: 192.168.18.250
-serviceDhcp:
- enabled: false
-probes:
- liveness:
- enabled: false
- readiness:
- enabled: false
-dnsmasq:
- staticDhcpEntries:
- - dhcp-host=B0:41:6F:0F:A8:D3,192.168.18.10,homelab-0
- - dhcp-host=B0:41:6F:0F:AE:89,192.168.18.11,homelab-1
- - dhcp-host=B0:41:6F:0F:A0:CD,192.168.18.12,homelab-2
-hostNetwork: true
-hostname: pihole
-priviledged: true
-virtualHost: "pihole.dogar.dev"
-capabilities:
- add:
- - NET_ADMIN
-extraEnvVars:
- TZ: "Asia/Karachi"
- DNSSEC: "true"
- FTLCONG_dhcp_active: "true"
- FTLCONF_dhcp_start: "192.168.18.2"
- FTLCONF_dhcp_end: "192.168.18.100"
- FTLCONF_dhcp_leaseTime: "24h"
- FTLCONF_dhcp_netmask: "255.255.255.0"
- FTLCONF_dhcp_router: "192.168.18.1"
- FTLCONF_dns_listeningMode: "all"
- INTERFACE: "enp1s0"
-podAnnotations:
- prometheus.io/scrape: "true"
- prometheus.io/port: "9617"
-monitoring:
- sidecar:
- enabled: true
- port: 9617
- image:
- repository: ekofr/pihole-exporter
- tag: v0.3.0
- pullPolicy: IfNotPresent
- resources:
- limits:
- memory: 128Mi
diff --git a/main.ts b/main.ts
index 8ea94f4..fdb981b 100644
--- a/main.ts
+++ b/main.ts
@@ -16,7 +16,7 @@ import { Manifest } from "@cdktf/provider-kubernetes/lib/manifest";
 import { Nginx } from "./nginx";
 import { Prometheus } from "./prometheus";
 import { MetalLB } from "./metallb";
-import { PiHole } from "./pihole";
+import { ExternalDNS } from "./external-dns";
 dotenv.config();
@@ -57,26 +57,7 @@ class Homelab extends TerraformStack {
 },
 });
- new Manifest(this, "core-dns", {
- provider: kubernetes,
- manifest: {
- kind: "ConfigMap",
- apiVersion: "v1",
- metadata: {
- name: "coredns-custom",
- namespace: "kube-system",
- },
- data: {
- "forward.override": `forward . /etc/resolv.conf {
- policy sequential
- }
- `,
- },
- },
- });
-
- const longhorn = new Longhorn(this, "longhorn", {
- namespace,
+ new Longhorn(this, "longhorn", {
 name: "longhorn",
 providers: {
 kubernetes,
@@ -116,15 +97,14 @@ class Homelab extends TerraformStack {
 },
 });
- const pihole = new PiHole(this, "pihole", {
+ const externalDNS = new ExternalDNS(this, "external-dns", {
 namespace,
 provider: helm,
- name: "pihole",
+ name: "external-dns",
 });
- pihole.node.addDependency(longhorn);
- pihole.node.addDependency(nginx);
- pihole.node.addDependency(cm);
+ externalDNS.node.addDependency(nginx);
+ externalDNS.node.addDependency(cm);
 new Prometheus(this, "prometheus", {
 provider: helm,
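Review bot: In the `@@ -116,15 +97,14 @@` hunk, the `ExternalDNS` construct depends only on `nginx` and `cm`, yet its values file reads `EXTERNAL_DNS_PIHOLE_PASSWORD` from key `app-password` of the `pihole-admin` secret. Nothing visible here shows where that secret or its new key is created. If it is managed outside the stack, the pod cannot start on a fresh apply until someone adds the key by hand. I would put a comment above the constructor call, e.g. `// requires Secret "pihole-admin" (key "app-password") in this namespace; created out of band`, or add a dependency on the resource that creates it if one exists in this stack. The enclosing `Homelab` constructor starts and ends outside the hunk.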