k8s/helm/setup/004-pihole/install.sh


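#!/bin/bash
#
# Installs the pihole Helm chart (mojo2600/pihole) into ${NAMESPACE} and
# registers a Vault Kubernetes-auth role for service accounts in that
# namespace.
#
# Requires: kubectl, vault and helm on PATH, already authenticated.
# Reads external-secrets.yaml and values.yaml from the current directory.
#
# xtrace (-x) is deliberately NOT enabled: it prints every expanded command
# and assignment to stderr, so any secret that passes through a variable
# (for example a decoded service-account token) ends up in terminal
# scrollback and CI logs.
set -euo pipefail

readonly CHART_VERSION="2.11.0"
readonly NAMESPACE="external-dns"
readonly VAULT_AUTH_NAMESPACE="k8s-teapot"

# Idempotent namespace creation: a plain `kubectl create ns` fails on every
# re-run once the namespace exists.
kubectl create ns "${NAMESPACE}" --dry-run=client -o yaml | kubectl apply -f -

# Long-lived token Secret for the namespace's `default` service account.
# A Secret of this type does not expire; it stays valid until it is deleted.
# NOTE(review): nothing in this script consumes the token. Presumably it is
# used by the Vault auth-backend setup elsewhere; confirm, and delete the
# Secret if it is not needed.
kubectl apply -f - <<EOH
---
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
  name: serviceaccounttoken
  namespace: ${NAMESPACE}
  annotations:
    kubernetes.io/service-account.name: "default"
...
EOH

# The host IP and the decoded service-account token are intentionally not
# read here: no later step uses them. If a later step ever needs the token,
# pipe it straight to its consumer rather than holding it in a variable.

# NOTE(review): the role is bound to `default` as well as `external-dns`.
# Pods that do not set serviceAccountName run as `default`, so every such
# pod in ${NAMESPACE} can log in to Vault and receive the `external-dns`
# policy. Drop `default` from the binding unless it is really required.
vault write "auth/${VAULT_AUTH_NAMESPACE}/role/external-dns" \
  bound_service_account_names=default,external-dns \
  bound_service_account_namespaces="${NAMESPACE}" \
  policies=external-dns \
  ttl=24h

kubectl apply -f external-secrets.yaml

helm repo add mojo2600 https://mojo2600.github.io/pihole-kubernetes/
helm repo update

# The chart version is pinned so a repo update cannot silently change what
# gets deployed.
helm upgrade --install \
  pihole \
  mojo2600/pihole \
  -n "${NAMESPACE}" \
  --version "${CHART_VERSION}" \
  --values values.yaml \
  --cleanup-on-fail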