fix(dns): Pinning DNS IPs and cleaning up related services

2025-10-30 01:22:31 +00:00 · 2023-11-28 16:33:50 +01:00
parent 34fc073b20
commit 4c435eb229
8 changed files with 64 additions and 104 deletions
--- a/apps/jellyfin/service.yaml
+++ b/apps/jellyfin/service.yaml
@@ -4,9 +4,8 @@ metadata:
  name: jellyfin-svc
  namespace: jellyfin
 spec:
-  type: LoadBalancer
+  selector:
+    app: jellyfin
  ports:
    - name: web
-      port: 8096
-  selector:
-    app: jellyfin
+      port: 8096
--- a/apps/plex/service.yaml
+++ b/apps/plex/service.yaml
@@ -3,9 +3,9 @@ kind: Service
 metadata:
  name: plex
 spec:
+  selector:
+    app: plex
  type: LoadBalancer
  ports:
    - name: web
-      port: 32400
-  selector:
-    app: plex
+      port: 32400
--- a/infra/net-aux/ingress-route.yaml
+++ b/infra/net-aux/ingress-route.yaml
@@ -9,7 +9,7 @@ spec:
    - match: Host(`net-aux.stonegarden.dev`)
      kind: Rule
      services:
-        - name: pi-hole-web
+        - name: net-aux
          port: http
      middlewares:
        - name: traefik-forward-auth
--- a/infra/net-aux/service.yaml
+++ b/infra/net-aux/service.yaml
@@ -1,74 +1,46 @@
---
 kind: Service
 apiVersion: v1
 metadata:
-  name: pi-hole-dns-udp
+  name: net-aux
  namespace: net-aux
  annotations:
+    metallb.universe.tf/loadBalancerIPs: 192.168.1.153
    metallb.universe.tf/allow-shared-ip: net-aux
 spec:
  selector:
    app: net-aux
-  ports:
-    - name: dns-udp
-      port: 53
-      protocol: UDP
-      targetPort: dns-udp
  type: LoadBalancer
---
-kind: Service
-apiVersion: v1
-metadata:
-  name: pi-hole-dns-tcp
-  namespace: net-aux
-  annotations:
-    metallb.universe.tf/allow-shared-ip: net-aux
-spec:
-  selector:
-    app: net-aux
-  ports:
-    - name: dns-tcp
-      port: 53
-      protocol: TCP
-      targetPort: dns-tcp
-  type: LoadBalancer
---
-kind: Service
-apiVersion: v1
-metadata:
-  name: pi-hole-web
-  namespace: net-aux
-  annotations:
-    metallb.universe.tf/allow-shared-ip: net-aux
-spec:
-  selector:
-    app: net-aux
-  ports:
-    - name: http
-      port: 80
-      targetPort: http
-    - name: https
-      port: 443
-      targetPort: https
-  type: LoadBalancer
---
-kind: Service
-apiVersion: v1
-metadata:
-  name: unbound-dns
-  namespace: net-aux
-  annotations:
-    metallb.universe.tf/allow-shared-ip: net-aux
-spec:
-  selector:
-    app: net-aux
  ports:
    - name: unbound-dns-tcp
      port: 5335
      protocol: TCP
      targetPort: unbound-dns-tcp
+    - name: dns-tcp
+      port: 53
+      protocol: TCP
+      targetPort: dns-tcp
+    - name: http
+      port: 80
+      targetPort: http
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: net-aux-udp
+  namespace: net-aux
+  annotations:
+    metallb.universe.tf/loadBalancerIPs: 192.168.1.153
+    metallb.universe.tf/allow-shared-ip: net-aux
+spec:
+  selector:
+    app: net-aux
+  type: LoadBalancer
+  ports:
    - name: unbound-dns-udp
      port: 5335
      protocol: UDP
      targetPort: unbound-dns-udp
-  type: LoadBalancer
+    - name: dns-udp
+      port: 53
+      protocol: UDP
+      targetPort: dns-udp
--- a/infra/pi-hole/config/02-custom.conf
+++ b/infra/pi-hole/config/02-custom.conf
@@ -1,2 +1,2 @@
 address=/stonegarden.dev/192.168.1.128
-address=/stonegarden.lan/192.168.1.128
+edns-packet-max=1232
--- a/infra/pi-hole/ingress-route.yaml
+++ b/infra/pi-hole/ingress-route.yaml
@@ -9,7 +9,7 @@ spec:
    - match: Host(`pi-hole.stonegarden.dev`)
      kind: Rule
      services:
-        - name: pi-hole-web
+        - name: pi-hole
          port: http
      middlewares:
        - name: traefik-forward-auth
--- a/infra/pi-hole/service.yaml
+++ b/infra/pi-hole/service.yaml
@@ -1,53 +1,38 @@
---
 kind: Service
 apiVersion: v1
 metadata:
-  name: pi-hole-dns-udp
+  name: pi-hole
  namespace: pi-hole
  annotations:
+    metallb.universe.tf/loadBalancerIPs: 192.168.1.154
    metallb.universe.tf/allow-shared-ip: pi-hole
 spec:
  selector:
    app: pi-hole
+  type: LoadBalancer
+  ports:
+    - name: http
+      port: 80
+      targetPort: http
+    - name: dns-tcp
+      port: 53
+      protocol: TCP
+      targetPort: dns-tcp
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: pi-hole-udp
+  namespace: pi-hole
+  annotations:
+    metallb.universe.tf/loadBalancerIPs: 192.168.1.154
+    metallb.universe.tf/allow-shared-ip: pi-hole
+spec:
+  selector:
+    app: pi-hole
+  type: LoadBalancer
  ports:
    - name: dns-udp
      port: 53
      protocol: UDP
      targetPort: dns-udp
-  type: LoadBalancer
---
-kind: Service
-apiVersion: v1
-metadata:
-  name: pi-hole-dns-tcp
-  namespace: pi-hole
-  annotations:
-    metallb.universe.tf/allow-shared-ip: pi-hole
-spec:
-  selector:
-    app: pi-hole
-  ports:
-    - name: dns-tcp
-      port: 53
-      protocol: TCP
-      targetPort: dns-tcp
-  type: LoadBalancer
---
-kind: Service
-apiVersion: v1
-metadata:
-  name: pi-hole-web
-  namespace: pi-hole
-  annotations:
-    metallb.universe.tf/allow-shared-ip: pi-hole
-spec:
-  selector:
-    app: pi-hole
-  ports:
-    - name: http
-      port: 80
-      targetPort: http
-    - name: https
-      port: 443
-      targetPort: https
-  type: LoadBalancer
--- a/infra/traefik/values.yaml
+++ b/infra/traefik/values.yaml
@@ -9,6 +9,10 @@ deployment:
        - name: data
          mountPath: /data

+services:
+  annotations:
+    metallb.universe.tf/loadBalancerIPs: 192.168.1.128
+
 providers:
  kubernetesCRD:
    allowCrossNamespace: true