Codified coredns config

Changelog: added
Signed-off-by: GeorgeRaven <GeorgeRavenCommunity@pm.me>

charts/coredns/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/coredns/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: coredns
+description: A Helm chart for Kubernetes
+type: application
+version: 0.1.4
+appVersion: "1.16.0"

charts/coredns/README.md

@@ -0,0 +1,26 @@
+# coredns
+
+![Version: 0.1.4](https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square)
+
+A Helm chart for Kubernetes
+
+## Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://bitnami-labs.github.io/coredns | coredns | 2.17.9 |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| coredns | object | `{}` |  |
+| environment.baseDomain | string | `"deepcypher.me"` |  |
+| environment.contact.email | string | `"noreply@deepcypher.me"` |  |
+| environment.contact.name | string | `"George Onoufriou"` |  |
+| environment.hardware | string | `"metal"` |  |
+| environment.location.name | string | `"unknown"` |  |
+| environment.mode | string | `"production"` |  |
+| environment.name | string | `"unknown"` |  |
+| environment.revision | string | `"main"` |  |
+

charts/coredns/templates/cm.yaml

@@ -0,0 +1,40 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coredns
+  namespace: kube-system
+data:
+  Corefile: |-
+    .:53 {
+        log
+        errors
+        # rewrite k8s-expanded lookups back to deepcypher.me
+        # rewrite name suffix deepcypher.me.svc.cluster.local. deepcypher.me.
+        # send traffic to k8s-gateways static IP
+        rewrite name auth.deepcypher.me traefik.traefik.svc.cluster.local.
+        forward deepcypher.me. 192.168.10.252 {
+          policy round_robin
+        }
+        # fake recursion available header
+        header {
+          response set ra # set RecursionAvailable flag
+        }
+        health {
+            lameduck 5s
+        }
+        ready
+        log . {
+            class error
+        }
+        prometheus :9153
+
+        kubernetes cluster.local in-addr.arpa ip6.arpa {
+            pods insecure
+            fallthrough in-addr.arpa ip6.arpa
+        }
+        forward . /etc/resolv.conf
+        cache 30
+        loop
+        reload
+        loadbalance
+    }

charts/coredns/values.yaml

@@ -0,0 +1,13 @@
+coredns: {}
+
+environment:
+  name: unknown # not to be used for hard checks but to display to user
+  hardware: metal # to be used to enable on-prem specific features like ceph, cilium, etc
+  mode: production # to be used to configure backup movement and additional debugging features
+  revision: main # to be used to pull from different git branches
+  baseDomain: deepcypher.me # to be used to override default chart domains to configure environments
+  location:
+    name: unknown # not to be used for hard checks purely informational
+  contact:
+    name: George Onoufriou
+    email: noreply@deepcypher.me

charts/infrastructure/templates/coredns.yaml

@@ -0,0 +1,26 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: coredns
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    name: ''
+    namespace: coredns
+    server: 'https://kubernetes.default.svc'
+  source:
+    path: charts/coredns
+    repoURL: {{ .Values.global.repo }}
+    targetRevision: {{ .Values.environment.revision }}
+    #helm:
+    #  values: |
+  project: default
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+      - ApplyOutOfSyncOnly=true