From 3f948d0d429e8ba4a0ac375c559416b1b414fc8d Mon Sep 17 00:00:00 2001
From: Jeff Geerling <geerlingguy@mac.com>
Date: Mon, 25 May 2020 23:04:35 -0500
Subject: [PATCH] Fixes #12: Add Pi-hole configuration to the cluster, with
 usage instructions.

---
 README.md                   |  1 +
 main.yml                    |  3 +++
 roles/pihole/README.md      | 21 +++++++++++++++++++
 roles/pihole/meta/main.yml  |  6 ++++++
 roles/pihole/tasks/main.yml | 40 +++++++++++++++++++++++++++++++++++++
 5 files changed, 71 insertions(+)
 create mode 100644 roles/pihole/README.md
 create mode 100644 roles/pihole/meta/main.yml
 create mode 100644 roles/pihole/tasks/main.yml

diff --git a/README.md b/README.md
index 121a4b3..e564445 100644
--- a/README.md
+++ b/README.md
@@ -47,6 +47,7 @@ Once that's done, there will be variety of applications running on your cluster:
 | Drupal | http://drupal.10.0.100.74.nip.io/ | N/A |
 | Wordpress | http://wordpress.10.0.100.74.nip.io/ | N/A |
 | Minecraft | (`kubectl get service -n minecraft`) | See EULA in [Minecraft chart repo](https://github.com/helm/charts/tree/master/stable/minecraft) |
+| Pi-hole | http://pi.hole/ | See [pihole role README](roles/pihole/README.md) |
 
 ## Caveats
 
diff --git a/main.yml b/main.yml
index 720f6ef..d523f0d 100644
--- a/main.yml
+++ b/main.yml
@@ -49,3 +49,6 @@
 
     - role: minecraft
       tags: ['minecraft']
+
+    - role: pihole
+      tags: ['pihole']
diff --git a/roles/pihole/README.md b/roles/pihole/README.md
new file mode 100644
index 0000000..9f011be
--- /dev/null
+++ b/roles/pihole/README.md
@@ -0,0 +1,21 @@
+# Pi-hole Setup
+
+## Admin UI Setup
+
+To access the Pi-hole admin UI, you'll need to point the hostname `pi.hole` at the IP address of the Pi where ingress is routed. You can find that IP address by running the following `kubectl` command:
+
+```
+# kubectl get ing -n pihole
+NAME     HOSTS                         ADDRESS       PORTS   AGE
+pihole   chart-example.local,pi.hole   10.0.100.99   80      55s
+```
+
+Take the value of the `ADDRESS` and add a line like the following to your `/etc/hosts` file:
+
+10.0.100.99  pi.hole
+
+Then you can access `http://pi.hole/` in your browser and view the admin UI.
+
+## DNS setup
+
+TODO.
diff --git a/roles/pihole/meta/main.yml b/roles/pihole/meta/main.yml
new file mode 100644
index 0000000..2518a0a
--- /dev/null
+++ b/roles/pihole/meta/main.yml
@@ -0,0 +1,6 @@
+---
+collections:
+  - community.kubernetes
+
+dependencies:
+  - geerlingguy.helm
diff --git a/roles/pihole/tasks/main.yml b/roles/pihole/tasks/main.yml
new file mode 100644
index 0000000..593a443
--- /dev/null
+++ b/roles/pihole/tasks/main.yml
@@ -0,0 +1,40 @@
+---
+- name: Create pihole namespace.
+  k8s:
+    name: pihole
+    api_version: v1
+    kind: Namespace
+    state: present
+
+- name: Add mojo2600 chart repo.
+  helm_repository:
+    name: mojo2600
+    repo_url: "https://mojo2600.github.io/pihole-kubernetes/"
+
+- name: Deploy pihole Helm chart.
+  helm:
+    name: pihole
+    chart_ref: mojo2600/pihole
+    chart_version: '1.7.6'
+    release_namespace: pihole
+    state: present
+    values:
+      persistentVolumeClaim:
+        enabled: true
+      ingress:
+        enabled: true
+      serviceTCP:
+        loadBalancerIP: '10.0.100.99'
+        type: LoadBalancer
+      serviceUDP:
+        loadBalancerIP: '10.0.100.99'
+        type: LoadBalancer
+      resources:
+        limits:
+          cpu: 200m
+          memory: 256Mi
+        requests:
+          cpu: 100m
+          memory: 128Mi
+      # If using in the real world, set up admin.existingSecret instead.
+      adminPassword: admin