Initial commit.

2025-04-27 14:57:00 -07:00
commit 84376fb3d5
63 changed files with 5645 additions and 0 deletions
--- a/infrastructure_setup/coredns/coredns-config.yaml
+++ b/infrastructure_setup/coredns/coredns-config.yaml
@@ -0,0 +1,48 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coredns
+  namespace: kube-system
+data:
+  Corefile: |
+    .:53 {
+        errors
+        health
+        ready
+        kubernetes cluster.local in-addr.arpa ip6.arpa {
+          pods insecure
+          fallthrough in-addr.arpa ip6.arpa
+        }
+        hosts {
+          192.168.8.218 box-01
+          192.168.8.222 civil
+          192.168.8.240 traefik.${DOMAIN}
+          192.168.8.241 dns.internal.${DOMAIN}
+          
+          # Test records
+          192.168.8.240 test.${DOMAIN}
+          192.168.8.240 example-app.${DOMAIN}
+          192.168.8.240 civilsociety.${DOMAIN}
+          192.168.8.241 test.internal.${DOMAIN}
+          192.168.8.240 example-admin.internal.${DOMAIN}
+          192.168.8.240 dashboard.internal.${DOMAIN}
+          192.168.8.240 kubernetes-dashboard.internal.${DOMAIN}
+          
+          ttl 60
+          reload 15s
+          fallthrough
+        }
+        prometheus :9153
+        forward . 8.8.8.8 8.8.4.4 {
+          max_concurrent 1000
+        }
+        cache 30
+        loop
+        reload
+        loadbalance
+        import /etc/coredns/custom/*.override
+    }
+    import /etc/coredns/custom/*.server
+  NodeHosts: |
+    # This field needs to remain for compatibility, even if empty
+    # Host entries are now in the Corefile hosts section
--- a/infrastructure_setup/coredns/coredns-service.yaml
+++ b/infrastructure_setup/coredns/coredns-service.yaml
@@ -0,0 +1,25 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: coredns-lb
+  namespace: kube-system
+  annotations:
+    metallb.universe.tf/loadBalancerIPs: "192.168.8.241"
+spec:
+  type: LoadBalancer
+  ports:
+  - name: dns
+    port: 53
+    protocol: UDP
+    targetPort: 53
+  - name: dns-tcp
+    port: 53
+    protocol: TCP
+    targetPort: 53
+  - name: metrics
+    port: 9153
+    protocol: TCP
+    targetPort: 9153
+  selector:
+    k8s-app: kube-dns
--- a/infrastructure_setup/coredns/split-horizon.yaml
+++ b/infrastructure_setup/coredns/split-horizon.yaml
@@ -0,0 +1,41 @@
+---
+# Split-horizon DNS configuration for CoreDNS
+# This allows different DNS responses for internal vs external domains
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coredns-custom
+  namespace: kube-system
+data:
+  internal-zones.server: |
+    # Internal zone configuration for *.internal.${DOMAIN}
+    internal.${DOMAIN} {
+      errors
+      log
+      hosts {
+        192.168.8.240 example-admin.internal.${DOMAIN}
+        192.168.8.240 dashboard.internal.${DOMAIN}
+        192.168.8.241 test.internal.${DOMAIN}
+        fallthrough
+      }
+      cache 30
+      # Use kubernetes service discovery for internal services
+      kubernetes cluster.local {
+        pods insecure
+        fallthrough in-addr.arpa ip6.arpa
+      }
+      # Forward to Google DNS if not found locally
+      forward . 8.8.8.8 8.8.4.4
+    }
+  
+  external-zones.server: |
+    # External zone configuration for *.${DOMAIN}
+    ${DOMAIN} {
+      errors
+      log
+      cache 30
+      # For external services, forward to Cloudflare for correct public resolution
+      forward . 1.1.1.1 8.8.8.8 {
+        max_concurrent 1000
+      }
+    }