feat: update powerdns chart

b7b8339d · Janne Mareike Koschinski · 4f528dc8 · b7b8339d · b7b8339d · b7b8339d
Verified Commit b7b8339d authored 2 years ago by Janne Mareike Koschinski
--- a/powerdns/Chart.yaml
+++ b/powerdns/Chart.yaml
@@ -2,5 +2,5 @@ apiVersion: v2
 name: powerdns
 description: Helm Chart for powerdns-Core
 type: application
-version: 0.0.5
-appVersion: "v4.4.1"
+version: 1.0.0
+appVersion: "4.7.3"
--- a/powerdns/templates/configmap.yaml
+++ b/powerdns/templates/configmap.yaml
@@ -5,10 +5,18 @@ metadata:
  labels:
    {{- include "powerdns-helm.labels" . | nindent 4 }}
 data:
+  pdns.conf: |-
+    include-dir=/etc/powerdns/pdns.d
+  database.conf: |-
+    launch=lmdb
+    lmdb-filename=/data/pdns.lmdb
  security.conf: |-
-    setuid=100
-    setgid=101
-  webserver.conf: |-
+    setuid={{ .Values.securityContext.runAsUser }}
+    setgid={{ .Values.securityContext.runAsGroup }}
+
+    local-address=0.0.0.0,::
+    local-port=5353
+
    api={{ .Values.api.enabled }}
    {{ if .Values.api.enabled }}
    webserver-address=0.0.0.0
@@ -16,17 +24,8 @@ data:
    webserver-print-arguments=no
    webserver-allow-from=0.0.0.0/0,::/0
    {{ end }}
-  database.conf: |-
-    launch=gpgsql
-    gpgsql-host={{ .Values.database.hostname }}
-    gpgsql-port={{ .Values.database.port }}
-    gpgsql-dbname={{ .Values.database.database }}
-    gpgsql-user={{ .Values.database.username }}
-    gpgsql-dnssec={{ .Values.database.dnssec }}
  dnsupdate.conf: |-
    dnsupdate=yes
    allow-dnsupdate-from={{ .Values.internalCidr | join "," }}
-  listen.conf: |-
-    local-port=5353
-  default.conf: |-
+  soa.conf: |-
    default-soa-content="{{ .Values.default.hostname }} {{ .Values.default.email }} 0 10800 3600 604800 3600"
--- a/powerdns/templates/deployment.yaml
+++ b/powerdns/templates/deployment.yaml
@@ -25,10 +25,12 @@ spec:
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
      volumes:
-        - name: secrets
+        - name: data
+          {{- .Values.volumes.data | nindent 10 }}
+        - name: secret
          secret:
            secretName: {{ include "powerdns-helm.fullname" . }}
-        - name: configs
+        - name: config
          configMap:
            name: {{ include "powerdns-helm.fullname" . }}
        - name: tmp
@@ -40,9 +42,8 @@ spec:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          env:
-            - name: MYSQL_AUTOCONF
-              value: "false"
+          command:
+            - "pdns_server"
          ports:
            - name: http
              containerPort: 8080
@@ -68,23 +69,28 @@ spec:
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          volumeMounts:
-            - mountPath: /var/run
-              name: tmp
-            - mountPath: /etc/pdns/conf.d/secrets.conf
-              name: secrets
-              subPath: secrets.conf
-            - mountPath: /etc/pdns/conf.d/database.conf
-              name: configs
+            - mountPath: /data
+              name: data
+            - mountPath: /etc/powerdns/pdns.conf
+              name: config
+              subPath: pdns.conf
+            - mountPath: /etc/powerdns/pdns.d/secrets.conf
+              name: secret
+              subPath: pdns.conf
+            - mountPath: /etc/powerdns/pdns.d/database.conf
+              name: config
              subPath: database.conf
-            - mountPath: /etc/pdns/conf.d/dnsupdate.conf
-              name: configs
+            - mountPath: /etc/powerdns/pdns.d/security.conf
+              name: config
+              subPath: security.conf
+            - mountPath: /etc/powerdns/pdns.d/dnsupdate.conf
+              name: config
              subPath: dnsupdate.conf
-            - mountPath: /etc/pdns/conf.d/listen.conf
-              name: configs
-              subPath: listen.conf
-            - mountPath: /etc/pdns/conf.d/webserver.conf
-              name: configs
-              subPath: webserver.conf
+            - mountPath: /etc/powerdns/pdns.d/soa.conf
+              name: config
+              subPath: soa.conf
+            - mountPath: /var/run
+              name: tmp
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}

--- a/powerdns/templates/secret.yaml
+++ b/powerdns/templates/secret.yaml
@@ -6,8 +6,7 @@ metadata:
    {{- include "powerdns-helm.labels" . | nindent 4 }}
 stringData:
  apikey: {{ .Values.api.key }}
-  secrets.conf: |-
+  pdns.conf: |-
    {{ if .Values.api.enabled }}
    api-key={{ .Values.api.key }}
    {{ end }}
-    gpgsql-password={{ .Values.database.password }}
--- a/powerdns/values.yaml
+++ b/powerdns/values.yaml
 replicaCount: 1

 image:
-  repository: psitrax/powerdns
+  repository: powerdns/pdns-auth-47
  pullPolicy: IfNotPresent
  tag: ""

@@ -24,13 +24,9 @@ default:
 ingress:
  host: "dns.example.tld"

-database:
-  hostname: "localhost"
-  port: 5432
-  database: "powerdns"
-  username: "powerdns"
-  password: "hunter2"
-  dnssec: "yes"
+volumes:
+  data: |-
+    emptyDir: {}

 podAnnotations: { }

@@ -44,6 +40,7 @@ securityContext:
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  runAsUser: 1000
+  runAsGroup: 2000

 service:
  type: ClusterIP