pihole - add net_raw and fix migration (#2180)

* pihole - add net_raw aswell

* bump

* only check for the migration type if already migrated

library/ix-dev/charts/pihole/Chart.yaml

@@ -3,7 +3,7 @@ description: DNS and Ad-filtering for your network.
 annotations:
   title: Pi-hole
 type: application
-version: 2.0.3
+version: 2.0.4
 apiVersion: v2
 appVersion: 2023.11.0
 kubeVersion: '>=1.16.0-0'

library/ix-dev/charts/pihole/metadata.yaml

@@ -23,6 +23,8 @@ capabilities:
     description: Pi-hole is able to perform various network-related operations.
   - name: NET_BIND_SERVICE
     description: Pi-hole is able to bind to a privileged port.
+  - name: NET_RAW
+    description: Pi-hole is able to use raw sockets.
   - name: KILL
     description: Pi-hole is able to kill processes.
 hostMounts: []

library/ix-dev/charts/pihole/migrations/migrate

@@ -81,11 +81,11 @@ def migrate_common_lib(values):
 def migrate(values):
     # If this missing, we have already migrated
     if not 'appVolumeMounts' in values.keys():
-        return values
+        # Handle typo for users that already gone through the migration
+        if 'cache' in values['piholeStorage'].keys():
+            values['piholeStorage']['dnsmasq'] = values['piholeStorage'].pop('cache')
 
-    # Handle typo for users that already gone through the migration
-    if 'cache' in values['piholeStorage'].keys():
-        values['piholeStorage']['dnsmasq'] = values['piholeStorage'].pop('cache')
+        return values
 
     return migrate_common_lib(values)
 

library/ix-dev/charts/pihole/templates/_pihole.tpl

@@ -20,6 +20,7 @@ workload:
             capabilities:
               add:
                 - NET_ADMIN
+                - NET_RAW
                 - NET_BIND_SERVICE
                 - CHOWN
                 - DAC_OVERRIDE