external-dns working

2025-01-29 22:58:11 +01:00 · 2025-01-29 22:58:11 +01:00 · a38d1a9762
commit a38d1a9762
parent ee9a6b9894
8 changed files with 52 additions and 3 deletions
--- a/.envs/.cloudflare.template
+++ b/.envs/.cloudflare.template
@ -1 +1 @@
-CF_API_TOKEN=e70d7d13-32a8-4f77-9afa-6faced4ea0e5
+cf_api_token=e70d7d13-32a8-4f77-9afa-6faced4ea0e5
--- a/.envs/.pihole.template
+++ b/.envs/.pihole.template
@ -0,0 +1 @@
+pihole_password=4cae2867-5ad0-4205-9070-99a4a7f59a09
--- a/README.md
+++ b/README.md
@ -0,0 +1,19 @@
+# gitops
+This repository contains core services for my kubernetes cluster which are
+- MetalLB - LoadBalancer
+- Ingress Nginx - Ingress Controller
+- CSI NFS - PVC
+- PiHole and ExternalDNS - LAN DNS
+- ArgoCD - GitOps for my other services
+## How to use
+
+1. Get the secrets
+Either manually put your secrets in .env or run `./scripts/bw2secrets` - TODO
+
+2. Apply Kustomizations
+`kubectl apply -k .`
+
+3. Install all the apps
+`helmfile apply`
+
+4. Profit!
--- a/helmfile.yaml
+++ b/helmfile.yaml
@ -11,6 +11,8 @@ repositories:
    url: https://argoproj.github.io/argo-helm
  - name: mojo2600
    url: https://mojo2600.github.io/pihole-kubernetes/
+  - name: bitnami
+    url: https://charts.bitnami.com/bitnami
 ---
 releases:
  - name: metallb
@ -45,3 +47,9 @@ releases:
    version: 2.27.0
    values:
      - ./values/pihole.values.yaml
+  - name: external-dns-pihole
+    namespace: pihole
+    chart: bitnami/external-dns
+    version: 8.7.3
+    values:
+      - ./values/external-dns-pihole.values.yaml
--- a/kustomization.yaml
+++ b/kustomization.yaml
@ -6,11 +6,18 @@ resources:
 - ./kustomize/csi-driver-nfs.yaml
 - ./kustomize/cert-manager-cloudflare.yaml

+
 secretGenerator:
  - name: cert-manager-cloudflare
    envs:
      - .envs/.cloudflare
    namespace: cert-manager
+  - name: pihole-admin
+    envs:
+      - .envs/.pihole
+    namespace: pihole
+    options:
+      disableNameSuffixHash: true

 configurations:
  - ./kustomizeconfig/clusterIssuer.yaml
--- a/kustomize/cert-manager-cloudflare.yaml
+++ b/kustomize/cert-manager-cloudflare.yaml
@ -15,4 +15,4 @@ spec:
            email: kropikuba@gmail.com
            apiTokenSecretRef:
              name: cert-manager-cloudflare
-              key: CF_API_TOKEN
+              key: cf_api_token
--- a/values/external-dns-pihole.values.yaml
+++ b/values/external-dns-pihole.values.yaml
@ -0,0 +1,10 @@
+txtOwnerId: kropcloud
+policy: upsert-only
+
+provider: pihole
+pihole:
+  server: http://pihole-web.pihole.svc.cluster.local
+  secretName: pihole-admin
+
+ingressClassFilters:
+  - ingress-nginx
--- a/values/pihole.values.yaml
+++ b/values/pihole.values.yaml
@ -11,6 +11,10 @@ ingress:
        - pihole.kropcloud.net
      secretName: pihole-tls

+admin:
+  existingSecret: pihole-admin
+  passwordKey: pihole_password
+
 persistentVolumeClaim:
  enabled: true
				`@ -0,0 +1 @@`
				`pihole_password=4cae2867-5ad0-4205-9070-99a4a7f59a09`