From 306036cb8d00660ae80da6d16e754ac0859a4f84 Mon Sep 17 00:00:00 2001
From: Nik Afiq <nik.afiq98@ymail.com>
Date: Mon, 9 Mar 2026 22:49:15 +0900
Subject: [PATCH] Add pihole-debian Helm values and patch script for DNS
 services

---
 manifests/pihole-debian-patch.sh | 12 +++++++
 values/pihole-debian.yaml        | 54 ++++++++++++++++++++++++++++++++
 2 files changed, 66 insertions(+)
 create mode 100644 manifests/pihole-debian-patch.sh
 create mode 100644 values/pihole-debian.yaml

diff --git a/manifests/pihole-debian-patch.sh b/manifests/pihole-debian-patch.sh
new file mode 100644
index 0000000..00524d6
--- /dev/null
+++ b/manifests/pihole-debian-patch.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+# Usage: bash manifests/pihole-debian-patch.sh
+# Patches pihole-debian DNS services with externalIPs after helm upgrade
+set -e
+
+kubectl patch svc pihole-debian-dns-tcp -n pihole \
+  -p '{"spec":{"externalIPs":["192.168.7.183"]}}'
+
+kubectl patch svc pihole-debian-dns-udp -n pihole \
+  -p '{"spec":{"externalIPs":["192.168.7.183"]}}'
+
+echo "pihole-debian DNS services patched with externalIPs"
\ No newline at end of file
diff --git a/values/pihole-debian.yaml b/values/pihole-debian.yaml
new file mode 100644
index 0000000..92d69eb
--- /dev/null
+++ b/values/pihole-debian.yaml
@@ -0,0 +1,54 @@
+# Pihole — secondary instance on Debian node
+# Pihole Helm values
+# Chart: mojo2600/pihole
+# Deploy:
+# helm upgrade --install pihole-debian mojo2600/pihole \
+#   --namespace pihole \
+#   -f values/pihole-debian.yaml
+
+replicaCount: 1
+
+nodeSelector:
+  node-role: storage
+
+image:
+  tag: "2024.07.0"
+
+serviceWeb:
+  type: ClusterIP
+
+serviceDns:
+  type: ClusterIP
+  port: 53
+  annotations:
+    kube-vip.io/loadbalancerIPs: 192.168.7.183
+
+probes:
+  liveness:
+    enabled: false
+  readiness:
+    enabled: false
+
+adminPassword: "changeme"
+
+extraEnvVars:
+  PIHOLE_DNS_1: "1.1.1.1"
+  PIHOLE_DNS_2: "8.8.8.8"
+
+dnsmasq:
+  customDnsEntries:
+    - address=/gitea.home.arpa/192.168.7.77
+    - address=/pihole.home.arpa/192.168.7.77
+    - address=/home.arpa/192.168.7.77
+    - address=/dashy.home.arpa/192.168.7.77
+    - address=/jellyfin.home.arpa/192.168.7.77
+    - address=/qbittorrent.home.arpa/192.168.7.77
+    - address=/jdownloader.home.arpa/192.168.7.77
+    - address=/glances.home.arpa/192.168.7.77
+    - address=/glances-debian.home.arpa/192.168.7.77
+    - address=/watch-party.nik4nao.com/192.168.7.77
+
+persistentVolumeClaim:
+  enabled: true
+  storageClass: local-path
+  size: 500Mi
\ No newline at end of file