catalog/incubator/technitium/4.0.3/ix_values.yaml

image:
  repository: tccr.io/truecharts/technitium
  pullPolicy: IfNotPresent
  tag: v11.3.0@sha256:e7a2cc08975130129dd6c31058af58b32c22336d752242d623acbbf045698046

securityContext:
  container:
    runAsNonRoot: false
    readOnlyRootFilesystem: false
    allowPrivilegeEscalation: true
    runAsUser: 0
    runAsGroup: 0

# Not sure if those will work on k8s
# - "443:443/tcp" #DNS-over-HTTPS service
# - "80:80/tcp" #DNS-over-HTTPS service certbot certificate renewal
# Note sure if this will work with traefik
# - "8053:8053/tcp" #DNS-over-HTTPS using reverse proxy

service:
  main:
    ports:
      main:
        port: 5380
  dns:
    enabled: true
    ports:
      dns-tcp:
        enabled: true
        port: 53
        targetPort: 53
      dns-udp:
        enabled: true
        protocol: udp
        port: 53
        targetPort: 53
  dns-tls:
    enabled: true
    ports:
      dns-tls:
        enabled: true
        protocol: tcp
        port: 853
        targetPort: 853
  dns-cert:
    enabled: true
    ports:
      dns-cert:
        enabled: true
        protocol: tcp
        port: 10202
        targetPort: 80
  dns-https:
    enabled: true
    ports:
      dns-https:
        enabled: true
        protocol: tcp
        port: 10203
        targetPort: 443
  dns-https-proxy:
    enabled: true
    ports:
      dns-https-proxy:
        enabled: true
        protocol: tcp
        port: 10204
        targetPort: 8053

workload:
  main:
    podSpec:
      containers:
        main:
          env:
            DNS_SERVER_WEB_SERVICE_HTTP_PORT: "{{ .Values.service.main.ports.main.port }}"
            DNS_SERVER_ADMIN_PASSWORD: "password"
            DNS_SERVER_DOMAIN: "dns-server"
            DNS_SERVER_PREFER_IPV6: false
            DNS_SERVER_OPTIONAL_PROTOCOL_DNS_OVER_HTTP: false
            DNS_SERVER_WEB_SERVICE_ENABLE_HTTPS: false
            DNS_SERVER_WEB_SERVICE_USE_SELF_SIGNED_CERT: false
            # Allow, Deny, AllowOnlyForPrivateNetworks, UseSpecifiedNetworks
            DNS_SERVER_RECURSION: "AllowOnlyForPrivateNetworks"
            DNS_SERVER_RECURSION_DENIED_NETWORKS: "1.1.1.0/24"
            DNS_SERVER_RECURSION_ALLOWED_NETWORKS: "127.0.0.1, 192.168.1.0/24"
            DNS_SERVER_ENABLE_BLOCKING: false
            DNS_SERVER_ALLOW_TXT_BLOCKING_REPORT: false
            DNS_SERVER_BLOCK_LIST_URLS: ""
            DNS_SERVER_FORWARDERS: "1.1.1.1,8.8.8.8"
            # Udp, Tcp, Tls, Https, HttpsJson
            DNS_SERVER_FORWARDER_PROTOCOL: "Tcp"

persistence:
  config:
    enabled: true
    mountPath: "/etc/dns/config"

portal:
  open:
    enabled: true
Commit new Chart releases for TrueCharts Signed-off-by: TrueCharts-Bot <bot@truecharts.org> 2023-07-03 20:10:49 +00:00			`image:`
			`repository: tccr.io/truecharts/technitium`
			`pullPolicy: IfNotPresent`
			`tag: v11.3.0@sha256:e7a2cc08975130129dd6c31058af58b32c22336d752242d623acbbf045698046`

			`securityContext:`
			`container:`
			`runAsNonRoot: false`
			`readOnlyRootFilesystem: false`
			`allowPrivilegeEscalation: true`
			`runAsUser: 0`
			`runAsGroup: 0`

			`# Not sure if those will work on k8s`
			`# - "443:443/tcp" #DNS-over-HTTPS service`
			`# - "80:80/tcp" #DNS-over-HTTPS service certbot certificate renewal`
			`# Note sure if this will work with traefik`
			`# - "8053:8053/tcp" #DNS-over-HTTPS using reverse proxy`

			`service:`
			`main:`
			`ports:`
			`main:`
			`port: 5380`
			`dns:`
			`enabled: true`
			`ports:`
			`dns-tcp:`
			`enabled: true`
			`port: 53`
			`targetPort: 53`
			`dns-udp:`
			`enabled: true`
			`protocol: udp`
			`port: 53`
			`targetPort: 53`
			`dns-tls:`
			`enabled: true`
			`ports:`
			`dns-tls:`
			`enabled: true`
			`protocol: tcp`
			`port: 853`
			`targetPort: 853`
			`dns-cert:`
			`enabled: true`
			`ports:`
			`dns-cert:`
			`enabled: true`
			`protocol: tcp`
			`port: 10202`
			`targetPort: 80`
			`dns-https:`
			`enabled: true`
			`ports:`
			`dns-https:`
			`enabled: true`
			`protocol: tcp`
			`port: 10203`
			`targetPort: 443`
			`dns-https-proxy:`
			`enabled: true`
			`ports:`
			`dns-https-proxy:`
			`enabled: true`
			`protocol: tcp`
			`port: 10204`
			`targetPort: 8053`

			`workload:`
			`main:`
			`podSpec:`
			`containers:`
			`main:`
			`env:`
			`DNS_SERVER_WEB_SERVICE_HTTP_PORT: "{{ .Values.service.main.ports.main.port }}"`
			`DNS_SERVER_ADMIN_PASSWORD: "password"`
			`DNS_SERVER_DOMAIN: "dns-server"`
			`DNS_SERVER_PREFER_IPV6: false`
			`DNS_SERVER_OPTIONAL_PROTOCOL_DNS_OVER_HTTP: false`
			`DNS_SERVER_WEB_SERVICE_ENABLE_HTTPS: false`
			`DNS_SERVER_WEB_SERVICE_USE_SELF_SIGNED_CERT: false`
			`# Allow, Deny, AllowOnlyForPrivateNetworks, UseSpecifiedNetworks`
			`DNS_SERVER_RECURSION: "AllowOnlyForPrivateNetworks"`
			`DNS_SERVER_RECURSION_DENIED_NETWORKS: "1.1.1.0/24"`
			`DNS_SERVER_RECURSION_ALLOWED_NETWORKS: "127.0.0.1, 192.168.1.0/24"`
			`DNS_SERVER_ENABLE_BLOCKING: false`
			`DNS_SERVER_ALLOW_TXT_BLOCKING_REPORT: false`
			`DNS_SERVER_BLOCK_LIST_URLS: ""`
			`DNS_SERVER_FORWARDERS: "1.1.1.1,8.8.8.8"`
			`# Udp, Tcp, Tls, Https, HttpsJson`
			`DNS_SERVER_FORWARDER_PROTOCOL: "Tcp"`

			`persistence:`
			`config:`
			`enabled: true`
			`mountPath: "/etc/dns/config"`

			`portal:`
			`open:`
			`enabled: true`