From 4f528dc8356157083b707caff48474ed3e7f147a Mon Sep 17 00:00:00 2001
From: Janne Mareike Koschinski <janne@kuschku.de>
Date: Sat, 18 Mar 2023 18:18:37 +0100
Subject: [PATCH] feat: update powerdns chart

---
 powerdns/Chart.yaml                |  2 +-
 powerdns/templates/configmap.yaml  | 12 +++++++++---
 powerdns/templates/deployment.yaml |  5 +++++
 powerdns/templates/ingress.yaml    |  2 ++
 powerdns/templates/secret.yaml     |  6 ++++--
 powerdns/values.yaml               | 12 +++++++++++-
 6 files changed, 32 insertions(+), 7 deletions(-)

diff --git a/powerdns/Chart.yaml b/powerdns/Chart.yaml
index 55e9bac..7e00d18 100644
--- a/powerdns/Chart.yaml
+++ b/powerdns/Chart.yaml
@@ -2,5 +2,5 @@ apiVersion: v2
 name: powerdns
 description: Helm Chart for powerdns-Core
 type: application
-version: 0.0.1
+version: 0.0.5
 appVersion: "v4.4.1"
diff --git a/powerdns/templates/configmap.yaml b/powerdns/templates/configmap.yaml
index c7fd0cc..ba92089 100644
--- a/powerdns/templates/configmap.yaml
+++ b/powerdns/templates/configmap.yaml
@@ -5,12 +5,17 @@ metadata:
   labels:
     {{- include "powerdns-helm.labels" . | nindent 4 }}
 data:
+  security.conf: |-
+    setuid=100
+    setgid=101
   webserver.conf: |-
-    api={{ .Values.api }}
+    api={{ .Values.api.enabled }}
+    {{ if .Values.api.enabled }}
     webserver-address=0.0.0.0
     webserver-port=8080
     webserver-print-arguments=no
     webserver-allow-from=0.0.0.0/0,::/0
+    {{ end }}
   database.conf: |-
     launch=gpgsql
     gpgsql-host={{ .Values.database.hostname }}
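Review bot: The new `security.conf` hard-codes `setuid=100` / `setgid=101`, while the container's `securityContext` (visible at the start of the deployment template, body outside this hunk) is values-driven, so the two can silently diverge: if the pod already starts as a different non-root uid, PowerDNS's setuid call may fail at startup, and if it starts as root these ids must exist in the image. Consider templating them from the same values the securityContext uses, e.g. `setuid={{ .Values.securityContext.runAsUser }}` / `setgid={{ .Values.securityContext.runAsGroup }}`, or document why 100/101 are correct for the pinned image. Separately, this commit introduces `internalCidr` for dnsupdate but leaves `webserver-allow-from=0.0.0.0/0,::/0`; since the API is fronted by the chart's Ingress, `webserver-allow-from={{ .Values.internalCidr | join "," }}` would restrict the API listener to the same internal ranges (verify the ingress controller's source address falls inside them). The `{{ if }}`/`{{ end }}` lines inside the block scalar also render as blank lines in the config; `{{- if .Values.api.enabled }}` and `{{- end }}` trim them.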
@@ -20,7 +25,8 @@ data:
     gpgsql-dnssec={{ .Values.database.dnssec }}
   dnsupdate.conf: |-
     dnsupdate=yes
-    allow-dnsupdate-from=127.0.0.0/8 10.244.0.0/16
+    allow-dnsupdate-from={{ .Values.internalCidr | join "," }}
   listen.conf: |-
     local-port=5353
-
+  default.conf: |-
+    default-soa-content="{{ .Values.default.hostname }} {{ .Values.default.email }} 0 10800 3600 604800 3600"
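Review bot: `allow-dnsupdate-from={{ .Values.internalCidr | join "," }}` together with the unconditional `dnsupdate=yes` means any source inside the listed CIDRs can push RFC 2136 updates with no TSIG requirement, and the default list includes a guessed pod CIDR (`10.244.0.0/16`), so on a cluster using that range every pod can rewrite zones. At minimum add a comment in values.yaml stating that these ranges get unauthenticated dynamic-update rights, and consider making the feature opt-in, e.g. `dnsupdate={{ .Values.dnsupdate.enabled }}` with a default of `false`. Note that an empty `internalCidr` list renders `allow-dnsupdate-from=` (deny all), which is a safe fallback and worth stating in the values comment.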
diff --git a/powerdns/templates/deployment.yaml b/powerdns/templates/deployment.yaml
index 8af7112..5cb4c26 100644
--- a/powerdns/templates/deployment.yaml
+++ b/powerdns/templates/deployment.yaml
@@ -31,6 +31,9 @@ spec:
         - name: configs
           configMap:
             name: {{ include "powerdns-helm.fullname" . }}
+        - name: tmp
+          emptyDir:
+            medium: Memory
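Review bot: The memory-backed `emptyDir` for `/var/run` has no `sizeLimit`, so whatever is written there is charged against the container's memory limit (or, if `resources` from values sets none, against the node) with nothing capping it. PowerDNS presumably only places its control socket and pidfile there, so a small cap is enough; add `sizeLimit: 16Mi` under `emptyDir:`. The volume is named `tmp` but is mounted at `/var/run`; naming it `run` would make the mount in the `volumeMounts` hunk self-explanatory.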
       containers:
         - name: {{ .Chart.Name }}
           securityContext:
@@ -65,6 +68,8 @@ spec:
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
           volumeMounts:
+            - mountPath: /var/run
+              name: tmp
             - mountPath: /etc/pdns/conf.d/secrets.conf
               name: secrets
               subPath: secrets.conf
diff --git a/powerdns/templates/ingress.yaml b/powerdns/templates/ingress.yaml
index c9fc46b..e238ffb 100644
--- a/powerdns/templates/ingress.yaml
+++ b/powerdns/templates/ingress.yaml
@@ -1,3 +1,4 @@
+{{ if .Values.api.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -19,3 +20,4 @@ spec:
                 port:
                   name: http
             pathType: Prefix
+{{ end }}
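Review bot: Gating the whole Ingress on `.Values.api.enabled` alone couples "API on" with "API published through the ingress host", so an operator who enables the API for in-cluster clients (e.g. a cert-manager or external-dns webhook) gets it exposed externally as well, protected only by the API key. Consider a separate switch, `{{ if and .Values.api.enabled .Values.ingress.enabled }}`, with `ingress.enabled: false` added to values.yaml so exposure is an explicit decision. The values hunk shows an `ingress.host` but no TLS section; if that is the case in the full file, a note that the API key travels in clear text unless TLS is configured on the ingress would help.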
diff --git a/powerdns/templates/secret.yaml b/powerdns/templates/secret.yaml
index 0b15b0c..e865258 100644
--- a/powerdns/templates/secret.yaml
+++ b/powerdns/templates/secret.yaml
@@ -5,7 +5,9 @@ metadata:
   labels:
     {{- include "powerdns-helm.labels" . | nindent 4 }}
 stringData:
-  apikey: {{ .Values.apiKey }}
+  apikey: {{ .Values.api.key }}
   secrets.conf: |-
-    api-key={{ .Values.apiKey }}
+    {{ if .Values.api.enabled }}
+    api-key={{ .Values.api.key }}
+    {{ end }}
     gpgsql-password={{ .Values.database.password }}
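Review bot: `apikey: {{ .Values.api.key }}` is still written unconditionally and unquoted, which is inconsistent with the `api-key=` line two lines below that is now gated on `api.enabled`, and a key that happens to look like a number or boolean would be typed by YAML and rejected by the API server for `stringData`. Wrap it the same way and quote it: `{{- if .Values.api.enabled }}` / `apikey: {{ .Values.api.key | quote }}` / `{{- end }}`. The `{{ if }}`/`{{ end }}` lines inside the `secrets.conf` block scalar render as blank lines; `{{- if ... }}` / `{{- end }}` avoids that.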
diff --git a/powerdns/values.yaml b/powerdns/values.yaml
index ffd5e7b..f2a3771 100644
--- a/powerdns/values.yaml
+++ b/powerdns/values.yaml
@@ -9,7 +9,17 @@ imagePullSecrets: [ ]
 nameOverride: ""
 fullnameOverride: ""
 
-apiKey: "hunter2"
+internalCidr:
+  - "127.0.0.0/8"
+  - "10.244.0.0/16"
+
+api:
+  enabled: false
+  key: "hunter2"
+
+default:
+  hostname: "a.misconfigured.dns.server.invalid"
+  email: "hostmaster.@"
 
 ingress:
   host: "dns.example.tld"
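Review bot: `api.key: "hunter2"` is a publicly known placeholder shipped as the default, so anyone who flips `api.enabled: true` without overriding it runs the API with a guessable credential, and the Secret template writes it even when the API is off. Default it to `key: ""` and fail the render when the API is enabled without a key, e.g. in secret.yaml `api-key={{ required "api.key must be set when api.enabled is true" .Values.api.key }}`. `internalCidr` also deserves a comment that the listed ranges receive unauthenticated dynamic-update rights and that `10.244.0.0/16` is only one common pod CIDR, not a cluster-detected value.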
-- 
GitLab