viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1575 commits 2 branches 0 tags 2.3 GiB
Commit graph

18 commits

Author SHA1 Message Date
Viktor Barzin
205eb2704b
[ci skip] Fix Technitium DNS client IP logging: bypass Traefik L4 proxy 
DNS queries were going through Traefik's IngressRouteUDP, replacing
real client IPs with Traefik pod IPs (10.10.169.150) in Technitium logs.
Changed Technitium DNS service from NodePort to LoadBalancer with
externalTrafficPolicy: Local, removed dns-udp entrypoint and
IngressRouteUDP from Traefik, and updated CoreDNS to forward .lan
queries to Technitium's LoadBalancer IP directly.
 2026-02-16 21:16:16 +00:00
Viktor Barzin
a8f42d7fc0
[ci skip] Manage CoreDNS Corefile in Terraform and block junk NxDomain queries 
Add kubernetes_config_map for CoreDNS to the technitium module, with a
template block for cluster.local.viktorbarzin.lan that returns NXDOMAIN
immediately. This prevents ndots:5 search domain expansion from flooding
Technitium with ~66k/day junk queries (e.g.
redis.redis.svc.cluster.local.viktorbarzin.lan).

Also enabled saveCache on Technitium so the DNS cache persists across
pod restarts.
 2026-02-15 21:51:12 +00:00
Viktor Barzin
8abb8eddc0
add tier to all deployments [ci skip] 2026-01-10 16:28:14 +00:00
Viktor Barzin
a3624f80e0
replace hardcoded namespace with module reference [ci skip] 2025-12-29 10:23:42 +00:00
Viktor Barzin
32f51d94a4
disable diun for technitium [ci skip] 2025-12-26 16:15:00 +00:00
Viktor Barzin
063f849948
add message to not change nodeport service on technitium as that would mess up things [ci skip] 2025-01-25 17:21:57 +00:00
Viktor Barzin
d0e68769e7
use ingress factory for all hosted ingresses [ci skip] 2025-01-14 22:53:04 +00:00
Viktor Barzin
bf854be9c9
update diun annotations to correctly monitor for image version updates and update some services alongside[ci skip] 2024-12-30 14:01:38 +00:00
Viktor Barzin
185a944acd
replace oauth proxy with authentik auth [ci skip] 2024-11-18 22:06:31 +00:00
Viktor Barzin
cd89380b9f add tecnitium token to homepage [ci skip] 2024-10-20 13:05:11 +00:00
Viktor Barzin
15e951bd09
add diun annotation [ci skip] 2024-08-17 20:23:20 +00:00
Viktor Barzin
f0d9a51afb
add technitium template to istio [ci skip] 2024-01-08 23:01:48 +00:00
Viktor Barzin
50b57e1373
replace tls client cert auth with oauth and add localai stub [ci skip] 2023-10-22 14:07:18 +00:00
Viktor Barzin
e71c3946db
update tls certs; add technitium doh open without recursion for now; add dashy web 2023-10-21 12:14:31 +00:00
Viktor Barzin
69313d4613
recreate technitium instance to avoid db losses [ci skip] 2023-09-16 19:33:48 +00:00
Viktor Barzin
5061eb590b
add oidc to headscale and move technitium to a nodeport service [ci skip] 2023-09-15 22:55:13 +00:00
Viktor Barzin
28107b7328
set techniitum to nodeport to get source ip clients and remove bind [ci skip] 2023-09-15 13:57:53 +00:00
Viktor Barzin
96e43d4510
replace bind-pihole-dnscrypt with technitium [ci skip] 2023-09-14 09:20:16 +00:00