{{ include "common.storage.hostPathValidate" .Values }} apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: name: {{ template "common.names.fullname" . }}-pihole labels: app: {{ template "common.names.name" . }} chart: {{ template "common.names.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} annotations: rollme: {{ randAlphaNum 5 | quote }} spec: replicas: {{ (default 1 .Values.replicas) }} strategy: type: "Recreate" selector: matchLabels: app: {{ template "common.names.name" . }} release: {{ .Release.Name }} template: metadata: name: {{ template "common.names.fullname" . }} labels: app: {{ template "common.names.name" . }} release: {{ .Release.Name }} {{- include "common.labels.selectorLabels" . | nindent 8 }} annotations: {{ include "common.annotations" . | nindent 8 }} spec: {{/* Host network is pretty much a requirement for apps like this. Because NodePort can't bind ports like 53(DNS) or 67(DHCP) and the majority of devices do not have option to change the port. */}} hostNetwork: true dnsPolicy: ClusterFirstWithHostNet containers: - name: {{ .Chart.Name }} {{ include "common.resources.limitation" . | nindent 10 }} {{ include "common.containers.imageConfig" .Values.image | nindent 10 }} volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }} {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }} - name: extrappvolume-{{ $index }} mountPath: {{ $hostPathConfiguration.mountPath }} {{ end }} securityContext: capabilities: {{/* This is needed to be able to bind 53(DNS) and 67(DHCP) ports */}} add: ["NET_ADMIN"] ports: - name: web containerPort: {{ .Values.web_port }} - name: dns-tcp containerPort: 53 protocol: TCP - name: dns-udp containerPort: 53 protocol: UDP {{ if .Values.dhcp }} - name: dhcp containerPort: 67 protocol: UDP {{ end }} readinessProbe: httpGet: path: /admin/login.php port: {{ .Values.web_port }} initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 5 successThreshold: 2 livenessProbe: httpGet: path: /admin/login.php port: {{ .Values.web_port }} initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 5 successThreshold: 1 startupProbe: httpGet: path: /admin/login.php port: {{ .Values.web_port }} initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 2 failureThreshold: 60 successThreshold: 1 env: {{ $secretName := (include "common.names.fullname" .) }} {{ $envList := (default list .Values.environmentVariables) }} {{ $envList = mustAppend $envList (dict "name" "WEBPASSWORD" "valueFromSecret" true "secretName" $secretName "secretKey" "password") }} {{ $envList = mustAppend $envList (dict "name" "TZ" "value" (printf "%s" .Values.timezone)) }} {{ $envList = mustAppend $envList (dict "name" "WEB_PORT" "value" .Values.web_port) }} {{ if .Values.dhcp }} {{ $envList = mustAppend $envList (dict "name" "DHCP_ACTIVE" "value" "true") }} {{ $envList = mustAppend $envList (dict "name" "DHCP_START" "value" .Values.dhcp_start) }} {{ $envList = mustAppend $envList (dict "name" "DHCP_END" "value" .Values.dhcp_end) }} {{ $envList = mustAppend $envList (dict "name" "DHCP_ROUTER" "value" .Values.dhcp_gateway) }} {{ end }} {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }} {{ include "common.networking.dnsConfiguration" .Values | nindent 6 }} volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }} {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }} - name: extrappvolume-{{ $index }} hostPath: path: {{ $hostPathConfiguration.hostPath }} {{ end }}