Skip to content
Snippets Groups Projects
Verified Commit b7b8339d authored by Janne Mareike Koschinski's avatar Janne Mareike Koschinski
Browse files

feat: update powerdns chart

parent 4f528dc8
No related branches found
No related tags found
No related merge requests found
Pipeline #2949 passed
...@@ -2,5 +2,5 @@ apiVersion: v2 ...@@ -2,5 +2,5 @@ apiVersion: v2
name: powerdns name: powerdns
description: Helm Chart for powerdns-Core description: Helm Chart for powerdns-Core
type: application type: application
version: 0.0.5 version: 1.0.0
appVersion: "v4.4.1" appVersion: "4.7.3"
...@@ -5,10 +5,18 @@ metadata: ...@@ -5,10 +5,18 @@ metadata:
labels: labels:
{{- include "powerdns-helm.labels" . | nindent 4 }} {{- include "powerdns-helm.labels" . | nindent 4 }}
data: data:
pdns.conf: |-
include-dir=/etc/powerdns/pdns.d
database.conf: |-
launch=lmdb
lmdb-filename=/data/pdns.lmdb
security.conf: |- security.conf: |-
setuid=100 setuid={{ .Values.securityContext.runAsUser }}
setgid=101 setgid={{ .Values.securityContext.runAsGroup }}
webserver.conf: |-
local-address=0.0.0.0,::
local-port=5353
api={{ .Values.api.enabled }} api={{ .Values.api.enabled }}
{{ if .Values.api.enabled }} {{ if .Values.api.enabled }}
webserver-address=0.0.0.0 webserver-address=0.0.0.0
...@@ -16,17 +24,8 @@ data: ...@@ -16,17 +24,8 @@ data:
webserver-print-arguments=no webserver-print-arguments=no
webserver-allow-from=0.0.0.0/0,::/0 webserver-allow-from=0.0.0.0/0,::/0
{{ end }} {{ end }}
database.conf: |-
launch=gpgsql
gpgsql-host={{ .Values.database.hostname }}
gpgsql-port={{ .Values.database.port }}
gpgsql-dbname={{ .Values.database.database }}
gpgsql-user={{ .Values.database.username }}
gpgsql-dnssec={{ .Values.database.dnssec }}
dnsupdate.conf: |- dnsupdate.conf: |-
dnsupdate=yes dnsupdate=yes
allow-dnsupdate-from={{ .Values.internalCidr | join "," }} allow-dnsupdate-from={{ .Values.internalCidr | join "," }}
listen.conf: |- soa.conf: |-
local-port=5353
default.conf: |-
default-soa-content="{{ .Values.default.hostname }} {{ .Values.default.email }} 0 10800 3600 604800 3600" default-soa-content="{{ .Values.default.hostname }} {{ .Values.default.email }} 0 10800 3600 604800 3600"
...@@ -25,10 +25,12 @@ spec: ...@@ -25,10 +25,12 @@ spec:
securityContext: securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }} {{- toYaml .Values.podSecurityContext | nindent 8 }}
volumes: volumes:
- name: secrets - name: data
{{- .Values.volumes.data | nindent 10 }}
- name: secret
secret: secret:
secretName: {{ include "powerdns-helm.fullname" . }} secretName: {{ include "powerdns-helm.fullname" . }}
- name: configs - name: config
configMap: configMap:
name: {{ include "powerdns-helm.fullname" . }} name: {{ include "powerdns-helm.fullname" . }}
- name: tmp - name: tmp
...@@ -40,9 +42,8 @@ spec: ...@@ -40,9 +42,8 @@ spec:
{{- toYaml .Values.securityContext | nindent 12 }} {{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.image.pullPolicy }}
env: command:
- name: MYSQL_AUTOCONF - "pdns_server"
value: "false"
ports: ports:
- name: http - name: http
containerPort: 8080 containerPort: 8080
...@@ -68,23 +69,28 @@ spec: ...@@ -68,23 +69,28 @@ spec:
resources: resources:
{{- toYaml .Values.resources | nindent 12 }} {{- toYaml .Values.resources | nindent 12 }}
volumeMounts: volumeMounts:
- mountPath: /var/run - mountPath: /data
name: tmp name: data
- mountPath: /etc/pdns/conf.d/secrets.conf - mountPath: /etc/powerdns/pdns.conf
name: secrets name: config
subPath: secrets.conf subPath: pdns.conf
- mountPath: /etc/pdns/conf.d/database.conf - mountPath: /etc/powerdns/pdns.d/secrets.conf
name: configs name: secret
subPath: pdns.conf
- mountPath: /etc/powerdns/pdns.d/database.conf
name: config
subPath: database.conf subPath: database.conf
- mountPath: /etc/pdns/conf.d/dnsupdate.conf - mountPath: /etc/powerdns/pdns.d/security.conf
name: configs name: config
subPath: security.conf
- mountPath: /etc/powerdns/pdns.d/dnsupdate.conf
name: config
subPath: dnsupdate.conf subPath: dnsupdate.conf
- mountPath: /etc/pdns/conf.d/listen.conf - mountPath: /etc/powerdns/pdns.d/soa.conf
name: configs name: config
subPath: listen.conf subPath: soa.conf
- mountPath: /etc/pdns/conf.d/webserver.conf - mountPath: /var/run
name: configs name: tmp
subPath: webserver.conf
{{- with .Values.nodeSelector }} {{- with .Values.nodeSelector }}
nodeSelector: nodeSelector:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
......
...@@ -6,8 +6,7 @@ metadata: ...@@ -6,8 +6,7 @@ metadata:
{{- include "powerdns-helm.labels" . | nindent 4 }} {{- include "powerdns-helm.labels" . | nindent 4 }}
stringData: stringData:
apikey: {{ .Values.api.key }} apikey: {{ .Values.api.key }}
secrets.conf: |- pdns.conf: |-
{{ if .Values.api.enabled }} {{ if .Values.api.enabled }}
api-key={{ .Values.api.key }} api-key={{ .Values.api.key }}
{{ end }} {{ end }}
gpgsql-password={{ .Values.database.password }}
replicaCount: 1 replicaCount: 1
image: image:
repository: psitrax/powerdns repository: powerdns/pdns-auth-47
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
tag: "" tag: ""
...@@ -24,13 +24,9 @@ default: ...@@ -24,13 +24,9 @@ default:
ingress: ingress:
host: "dns.example.tld" host: "dns.example.tld"
database: volumes:
hostname: "localhost" data: |-
port: 5432 emptyDir: {}
database: "powerdns"
username: "powerdns"
password: "hunter2"
dnssec: "yes"
podAnnotations: { } podAnnotations: { }
...@@ -44,6 +40,7 @@ securityContext: ...@@ -44,6 +40,7 @@ securityContext:
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
runAsNonRoot: true runAsNonRoot: true
runAsUser: 1000 runAsUser: 1000
runAsGroup: 2000
service: service:
type: ClusterIP type: ClusterIP
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment