37 lines
1.3 KiB
YAML
37 lines
1.3 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: external-dns
|
|
spec:
|
|
strategy:
|
|
type: Recreate
|
|
selector:
|
|
matchLabels:
|
|
app: external-dns
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: external-dns
|
|
spec:
|
|
serviceAccountName: external-dns
|
|
containers:
|
|
- name: external-dns
|
|
image: registry.k8s.io/external-dns/external-dns:v0.15.1
|
|
# If authentication is disabled and/or you didn't create
|
|
# a secret, you can remove this block.
|
|
args:
|
|
- --source=service
|
|
# Pihole only supports A/AAAA/CNAME records so there is no mechanism to track ownership.
|
|
# You don't need to set this flag, but if you leave it unset, you will receive warning
|
|
# logs when ExternalDNS attempts to create TXT records.
|
|
- --registry=noop
|
|
# IMPORTANT: If you have records that you manage manually in Pi-hole, set
|
|
# the policy to upsert-only so they do not get deleted.
|
|
- --policy=upsert-only
|
|
- --provider=pihole
|
|
# Change this to the actual address of your Pi-hole web server
|
|
- --pihole-server=http://10.0.0.2:8888
|
|
- --pihole-password=1234
|
|
securityContext:
|
|
fsGroup: 65534 # For ExternalDNS to be able to read Kubernetes token files
|