Kubernetes - Pihole

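---
# Blocklist sources that Pi-hole downloads when it builds its block list.
# The Deployment in this file mounts this key at /etc/pihole/adlists.list.
#
# Trust notes for whoever maintains this list:
# - Every entry is third-party content fetched at run time; whoever controls
#   a feed (or the network path to it) influences which names get blocked.
# - http://sysctl.org/cameleon/hosts is the only plain-HTTP entry, so it has
#   no transport integrity. NOTE(review): switch it to HTTPS if the host
#   serves it, otherwise consider dropping it.
# - Only the bitbucket.org entry is pinned to a commit; the others follow a
#   moving branch or a live endpoint and can change without review.
# - NOTE(review): some feeds may have been retired since this list was put
#   together; prune entries that no longer download.
# Two URLs that were listed twice (mirror1.malwaredomains.com justdomains and
# lists.disconnect.me simple_ad.txt) are kept once each.
# These notes sit outside the block scalar on purpose: inside it, a '#' line
# would become part of the mounted file.
apiVersion: v1
kind: ConfigMap
metadata:
  name: pihole-adlists
data:
  adlists.list: |
    https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
    https://mirror1.malwaredomains.com/files/justdomains
    http://sysctl.org/cameleon/hosts
    https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
    https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
    https://blocklist.site/app/dl/ads
    https://blocklist.site/app/dl/fraud
    https://blocklist.site/app/dl/fakenews
    https://blocklist.site/app/dl/malware
    https://blocklist.site/app/dl/phishing
    https://blocklist.site/app/dl/ransomware
    https://blocklist.site/app/dl/scam
    https://blocklist.site/app/dl/spam
    https://blocklist.site/app/dl/facebook
    https://blocklist.site/app/dl/youtube
    https://reddestdream.github.io/Projects/MinimalHosts/etc/MinimalHostsBlocker/minimalhosts
    https://raw.githubusercontent.com/StevenBlack/hosts/master/data/KADhosts/hosts
    https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Spam/hosts
    https://v.firebog.net/hosts/static/w3kbl.txt
    https://adaway.org/hosts.txt
    https://v.firebog.net/hosts/AdguardDNS.txt
    https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt
    https://v.firebog.net/hosts/Easylist.txt
    https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts;showintro=0
    https://raw.githubusercontent.com/StevenBlack/hosts/master/data/UncheckyAds/hosts
    https://www.squidblacklist.org/downloads/dg-ads.acl
    https://v.firebog.net/hosts/Easyprivacy.txt
    https://v.firebog.net/hosts/Prigent-Ads.txt
    https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt
    https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.2o7Net/hosts
    https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt
    https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt
    https://mirror.cedia.org.ec/malwaredomains/immortal_domains.txt
    https://www.malwaredomainlist.com/hostslist/hosts.txt
    https://bitbucket.org/ethanr/dns-blacklists/raw/8575c9f96e5b4a1308f2f12394abd86d0927a4a0/bad_lists/Mandiant_APT1_Report_Appendix_D.txt
    https://v.firebog.net/hosts/Prigent-Malware.txt
    https://v.firebog.net/hosts/Prigent-Phishing.txt
    https://phishing.army/download/phishing_army_blocklist_extended.txt
    https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt
    https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt
    https://ransomwaretracker.abuse.ch/downloads/CW_C2_DOMBL.txt
    https://ransomwaretracker.abuse.ch/downloads/LY_C2_DOMBL.txt
    https://ransomwaretracker.abuse.ch/downloads/TC_C2_DOMBL.txt
    https://ransomwaretracker.abuse.ch/downloads/TL_C2_DOMBL.txt
    https://v.firebog.net/hosts/Shalla-mal.txt
    https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Risk/hosts
    https://www.squidblacklist.org/downloads/dg-malicious.acl
    https://zerodot1.gitlab.io/CoinBlockerLists/hosts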
---
# Regex block rules, one pattern per line; the Deployment in this file mounts
# this key at /etc/pihole/regex.list.
# The value is a literal block scalar, so backslashes reach Pi-hole unchanged.
#
# Review notes on scope:
# - '^(.+[-_.])??xn--' matches every name that has a label starting with
#   'xn--', the punycode prefix. That blocks internationalized domain names
#   wholesale: a blunt guard against look-alike (homograph) names, at the
#   cost of legitimate IDN sites.
# - The first two patterns match any label that starts with 'ad', 'ads',
#   'adserver' and similar, followed by '-', '_' or '.'. NOTE(review): expect
#   false positives; pair these with an allowlist and watch the query log.
# - '^(.*)\.g00\.(.*)' matches any name containing a 'g00' label.
apiVersion: v1
kind: ConfigMap
metadata:
  name: pihole-regex
data:
  regex.list: |
    ^(.+[-_.])??adse?rv(er?|ice)?s?[0-9]*[-.]
    ^(.+[-_.])??m?ad[sxv]?[0-9]*[-_.]
    ^(.+[-_.])??telemetry[-.]
    ^(.+[-_.])??xn--
    ^adim(age|g)s?[0-9]*[-_.]
    ^adtrack(er|ing)?[0-9]*[-.]
    ^advert(s|is(ing|ements?))?[0-9]*[-_.]
    ^aff(iliat(es?|ion))?[-.]
    ^analytics?[-.]
    ^banners?[-.]
    ^beacons?[0-9]*[-.]
    ^count(ers?)?[0-9]*[-.]
    ^pixels?[-.]
    ^stat(s|istics)?[0-9]*[-.]
    ^track(ers?|ing)?[0-9]*[-.]
    ^traff(ic)?[-.]
    ^(.*)\.g00\.(.*)
---
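# Environment values for the pihole container, read through configMapKeyRef
# in the Deployment in this file.
# DNS1/DNS2 set Pi-hole's upstream resolver to 127.0.0.1, port 5054 ('#'
# separates address and port). Containers in one pod share the loopback
# interface, so this is presumably the cloudflared sidecar; confirm that it
# listens on 5054.
# NOTE(review): the pihole image in the Deployment has no tag, and newer
# Pi-hole images take the upstream from a different variable (PIHOLE_DNS_ at
# the time of writing; verify against the image documentation). If DNS1/DNS2
# are ignored, queries go to the image's default upstream instead of the
# sidecar, so check the effective upstream after every image update.
apiVersion: v1
kind: ConfigMap
metadata:
  name: pihole-env
data:
  TZ: EST
  # Quoted so the '#' can never be taken for the start of a YAML comment,
  # for example after a reformat inserts a space in front of it.
  DNS1: '127.0.0.1#5054'
  DNS2: '127.0.0.1#5054'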
---
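# Single-replica Pi-hole pod: the pihole container plus a cloudflared sidecar
# that Pi-hole is configured to use as its upstream (see pihole-env).
#
# NOTE(review): hardening gaps to close before relying on this manifest:
# - Both images use mutable references ('pihole/pihole' has no tag and
#   'visibilityspots/cloudflared:amd64' is an architecture tag). Pin each to
#   a version tag or digest so a registry-side change cannot alter what runs.
# - Neither container sets a securityContext, so each runs with its image's
#   default user and capabilities. Tighten per image after testing.
# - No admin password is supplied here. Provide one from a Secret, using the
#   variable documented for the image version you pin.
# - No liveness or readiness probes are defined.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pihole
  labels:
    app: pihole
spec:
  replicas: 1
  selector:
    matchLabels:
      app: pihole
  template:
    metadata:
      labels:
        app: pihole
    spec:
      containers:
        # Third-party sidecar; every upstream query is meant to pass through
        # it, so treat this image as part of the trusted base.
        - name: pihole-cloudflared
          image: visibilityspots/cloudflared:amd64
          resources:
            requests:
              memory: "64Mi"
              cpu: "250m"
            limits:
              memory: "128Mi"
              cpu: "500m"
        - name: pihole
          image: pihole/pihole
          resources:
            requests:
              memory: "64Mi"
              cpu: "250m"
            limits:
              memory: "128Mi"
              cpu: "500m"
          env:
            - name: TZ
              valueFrom:
                configMapKeyRef:
                  name: pihole-env
                  key: TZ
            - name: DNS1
              valueFrom:
                configMapKeyRef:
                  name: pihole-env
                  key: DNS1
            - name: DNS2
              valueFrom:
                configMapKeyRef:
                  name: pihole-env
                  key: DNS2
          ports:
            - name: web
              containerPort: 80
            # Only UDP is declared. DNS falls back to TCP 53 for answers that
            # do not fit in a UDP reply; NOTE(review): add it if clients need it.
            - name: dns
              protocol: UDP
              containerPort: 53
          volumeMounts:
            # subPath mounts do not pick up later ConfigMap edits; restart
            # the pod after changing either list.
            - name: pihole-adlists
              mountPath: /etc/pihole/adlists.list
              subPath: adlists.list
            - name: pihole-regex
              mountPath: /etc/pihole/regex.list
              subPath: regex.list
      volumes:
        - name: pihole-adlists
          configMap:
            name: pihole-adlists
        - name: pihole-regex
          configMap:
            name: pihole-regex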
---
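# Publishes the Pi-hole web interface (TCP 80 on pods labelled app=pihole)
# through a LoadBalancer.
# NOTE(review): this serves the admin UI over plain HTTP to every network
# that can reach the load balancer address. Unless that is intended, use
# ClusterIP behind a TLS-terminating, authenticated ingress, or limit the
# clients, for example:
#   loadBalancerSourceRanges: ["<TRUSTED_CIDR>"]  # placeholder, set your own
apiVersion: v1
kind: Service
metadata:
  name: pihole-web-service
spec:
  type: LoadBalancer
  selector:
    app: pihole
  ports:
    - name: web
      protocol: TCP
      port: 80
      targetPort: 80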
---
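# Publishes DNS (UDP 53 on pods labelled app=pihole) through a LoadBalancer.
# NOTE(review): if the load balancer address is reachable from the internet
# this is an open resolver, which third parties can abuse for reflection
# traffic and which exposes the query service to anyone. Keep it on an
# internal load balancer or limit the clients, for example:
#   loadBalancerSourceRanges: ["<TRUSTED_CIDR>"]  # placeholder, set your own
# Only UDP is exposed; clients that retry over TCP 53 will not get an answer.
# Mixed-protocol LoadBalancer Services depend on cluster and provider
# support, so a second TCP Service may be needed.
apiVersion: v1
kind: Service
metadata:
  name: pihole-dns-service
spec:
  type: LoadBalancer
  selector:
    app: pihole
  ports:
    - name: dns
      protocol: UDP
      port: 53
      targetPort: 53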