catalog/incubator/technitium/3.0.1/ix_values.yaml

97 lines
2.1 KiB
YAML

image:
repository: tccr.io/truecharts/technitium
pullPolicy: IfNotPresent
tag: v8.1@sha256:bd2688162b50a76c0cd526ed6f70a1561f520041f726b9ea655e0d1796947e9e
securityContext:
readOnlyRootFilesystem: false
runAsNonRoot: false
allowPrivilegeEscalation: true
podSecurityContext:
runAsUser: 0
runAsGroup: 0
secretEnv:
DNS_SERVER_ADMIN_PASSWORD: "password"
env:
DNS_SERVER_DOMAIN: "dns-server"
DNS_SERVER_PREFER_IPV6: false
DNS_SERVER_OPTIONAL_PROTOCOL_DNS_OVER_HTTP: false
DNS_SERVER_RECURSION: "AllowOnlyForPrivateNetworks"
DNS_SERVER_RECURSION_DENIED_NETWORKS: "1.1.1.0/24"
DNS_SERVER_RECURSION_ALLOWED_NETWORKS: "127.0.0.1, 192.168.1.0/24"
DNS_SERVER_ENABLE_BLOCKING: false
DNS_SERVER_ALLOW_TXT_BLOCKING_REPORT: false
DNS_SERVER_FORWARDERS: "1.1.1.1, 8.8.8.8"
DNS_SERVER_FORWARDER_PROTOCOL: "Tcp"
service:
main:
ports:
main:
port: 5380
targetPort: 5380
dns-tcp:
enabled: true
ports:
dns-tcp:
enabled: true
port: 53
targetPort: 53
dns-udp:
enabled: true
ports:
dns-udp:
enabled: true
protocol: UDP
port: 53
targetPort: 53
dns-tls:
enabled: true
ports:
dns-tls:
enabled: true
protocol: TCP
port: 853
targetPort: 853
dns-cert:
enabled: true
ports:
dns-cert:
enabled: true
protocol: TCP
port: 10202
targetPort: 80
dns-https:
enabled: true
ports:
dns-https:
enabled: true
protocol: TCP
port: 10203
targetPort: 443
dns-https-proxy:
enabled: true
ports:
dns-https-proxy:
enabled: true
protocol: TCP
port: 10204
targetPort: 8053
# Not sure if those will work on k8s
# - "443:443/tcp" #DNS-over-HTTPS service
# - "80:80/tcp" #DNS-over-HTTPS service certbot certificate renewal
# Note sure if this will work with traefik
# - "8053:8053/tcp" #DNS-over-HTTPS using reverse proxy
persistence:
config:
enabled: true
mountPath: "/etc/dns/config"
portal:
enabled: true