Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / 0c6b324af80de6ccca61675e2fbfff304f26767b / . / core / installer / values-tmpl / pihole.cue
blob: a1ec66a87ee383fe5dff5f24be61db0492016f64 [file] [log] [blame]
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]1input: {
2 network: #Network
3 subdomain: string
4}
5
6_domain: "\(input.subdomain).\(input.network.domain)"
7
Giorgi Lekveishvilief21c132024-01-17 18:57:58 +0400[diff] [blame]8name: "Pi-hole"
9namespace: "app-pihole"
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]10readme: "Installs pihole at https://\(_domain)"
Giorgi Lekveishvilief21c132024-01-17 18:57:58 +0400[diff] [blame]11description: "Pi-hole is a Linux network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole and optionally a DHCP server, intended for use on a private network."
12icon: "<svg xmlns='http://www.w3.org/2000/svg' width='50' height='50' viewBox='0 0 24 24'><path fill='currentColor' d='M4.344 0c.238 4.792 3.256 7.056 6.252 7.376c.165-1.692-4.319-5.6-4.319-5.6c-.008-.011.009-.025.019-.014c0 0 4.648 4.01 5.423 5.645c2.762-.15 5.196-1.947 5-4.912c0 0-4.12-.613-5 4.618C11.48 2.753 8.993 0 4.344 0zM12 7.682v.002a3.68 3.68 0 0 0-2.591 1.077L4.94 13.227a3.683 3.683 0 0 0-.86 1.356a3.31 3.31 0 0 0-.237 1.255A3.681 3.681 0 0 0 4.92 18.45l4.464 4.466a3.69 3.69 0 0 0 2.251 1.06l.002.001c.093.01.187.015.28.017l-.1-.008c.06.003.117.009.177.009l-.077-.001L12 24l-.004-.005a3.68 3.68 0 0 0 2.61-1.077l4.469-4.465a3.683 3.683 0 0 0 1.006-1.888l.012-.063a3.682 3.682 0 0 0 .057-.541l.003-.061c0-.017.003-.05.004-.06h-.002a3.683 3.683 0 0 0-1.077-2.607l-4.466-4.468a3.694 3.694 0 0 0-1.564-.927l-.07-.02a3.43 3.43 0 0 0-.946-.133L12 7.682zm3.165 3.357c.023 1.748-1.33 3.078-1.33 4.806c.164 2.227 1.733 3.207 3.266 3.146c-.035.003-.068.007-.104.009c-1.847.135-3.209-1.326-5.002-1.326c-2.23.164-3.21 1.736-3.147 3.27l-.008-.104c-.133-1.847 1.328-3.21 1.328-5.002c-.173-2.32-1.867-3.284-3.46-3.132c.1-.011.203-.021.31-.027c1.847-.133 3.209 1.328 5.002 1.328c2.082-.155 3.074-1.536 3.145-2.968zM4.344 0c.238 4.792 3.256 7.056 6.252 7.376c.165-1.692-4.319-5.6-4.319-5.6c-.008-.011.009-.025.019-.014c0 0 4.648 4.01 5.423 5.645c2.762-.15 5.196-1.947 5-4.912c0 0-4.12-.613-5 4.618C11.48 2.753 8.993 0 4.344 0zM12 7.682v.002a3.68 3.68 0 0 0-2.591 1.077L4.94 13.227a3.683 3.683 0 0 0-.86 1.356a3.31 3.31 0 0 0-.237 1.255A3.681 3.681 0 0 0 4.92 18.45l4.464 4.466a3.69 3.69 0 0 0 2.251 1.06l.002.001c.093.01.187.015.28.017l-.1-.008c.06.003.117.009.177.009l-.077-.001L12 24l-.004-.005a3.68 3.68 0 0 0 2.61-1.077l4.469-4.465a3.683 3.683 0 0 0 1.006-1.888l.012-.063a3.682 3.682 0 0 0 .057-.541l.003-.061c0-.017.003-.05.004-.06h-.002a3.683 3.683 0 0 0-1.077-2.607l-4.466-4.468a3.694 3.694 0 0 0-1.564-.927l-.07-.02a3.43 3.43 0 0 0-.946-.133L12 7.682zm3.165 3.357c.023 1.748-1.33 3.078-1.33 4.806c.164 2.227 1.733 3.207 3.266 3.146c-.035.003-.068.007-.104.009c-1.847.135-3.209-1.326-5.002-1.326c-2.23.164-3.21 1.736-3.147 3.27l-.008-.104c-.133-1.847 1.328-3.21 1.328-5.002c-.173-2.32-1.867-3.284-3.46-3.132c.1-.011.203-.021.31-.027c1.847-.133 3.209 1.328 5.002 1.328c2.082-.155 3.074-1.536 3.145-2.968z'/></svg>"
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]13
14images: {
15 pihole: {
16 repository: "pihole"
17 name: "pihole"
18 tag: "v5.8.1"
19 pullPolicy: "IfNotPresent"
20 }
21}
22
23charts: {
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame^]24 oauth2Client: {
25 chart: "charts/oauth2-client"
26 sourceRef: {
27 kind: "GitRepository"
28 name: "pcloud"
29 namespace: global.id
30 }
31 }
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]32 pihole: {
33 chart: "charts/pihole"
34 sourceRef: {
35 kind: "GitRepository"
36 name: "pcloud"
37 namespace: global.id
38 }
39 }
40}
41
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame^]42_oauth2ClientSecretName: "oauth2-client"
43
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]44helm: {
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame^]45 "oauth2-client": {
46 chart: charts.oauth2Client
47 values: {
48 name: "oauth2-client"
49 secretName: _oauth2ClientSecretName
50 grantTypes: ["authorization_code"]
51 responseTypes: ["code"]
52 scope: "openid profile email"
53 redirectUris: ["https://\(_domain)/oauth2/callback"]
54 hydraAdmin: "http://hydra-admin.\(global.namespacePrefix)core-auth.svc.cluster.local"
55 }
56 }
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]57 pihole: {
58 chart: charts.pihole
59 values: {
60 domain: _domain
61 pihole: {
62 fullnameOverride: "pihole"
63 persistentVolumeClaim: { // TODO(gio): create volume separately as a dependency
64 enabled: true
65 size: "5Gi"
66 }
67 admin: {
68 enabled: false
69 }
70 ingress: {
71 enabled: false
72 }
73 serviceDhcp: {
74 enabled: false
75 }
76 serviceDns: {
77 type: "ClusterIP"
78 }
79 serviceWeb: {
80 type: "ClusterIP"
81 http: {
82 enabled: true
83 }
84 https: {
85 enabled: false
86 }
87 }
88 virtualHost: _domain
89 resources: {
90 requests: {
91 cpu: "250m"
92 memory: "100M"
93 }
94 limits: {
95 cpu: "500m"
96 memory: "250M"
97 }
98 }
99 image: {
100 repository: images.pihole.fullName
101 tag: images.pihole.tag
102 pullPolicy: images.pihole.pullPolicy
103 }
104 }
105 oauth2: {
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame^]106 cookieSecret: "1234123443214321"
107 secretName: _oauth2ClientSecretName
108 issuer: "https://hydra.\(global.domain)"
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]109 }
Giorgi Lekveishvili0c6b3242024-03-14 15:31:08 +0400[diff] [blame^]110 configName: "oauth2-proxy"
Giorgi Lekveishvilie009a5d2024-01-05 14:10:11 +0400[diff] [blame]111 profileUrl: "https://accounts-ui.\(global.domain)"
112 ingressClassName: input.network.ingressClass
113 certificateIssuer: input.network.certificateIssuer
114 }
115 }
116}