@IngwiePhoenix
Created March 21, 2025 16:07
k3s-coredns-homelab
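# Dedicated namespace for the standalone CoreDNS resolver defined below.
# `name` is nested under `metadata` again (the nesting was lost in the paste).
apiVersion: v1
kind: Namespace
metadata:
  name: coredns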
---
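# ConfigMap carrying the Corefile that the coredns-app DaemonSet mounts at
# /Corefile. Nesting is restored; lines starting with '#' inside the block
# scalar are Corefile comments and ship with the config.
#
# Changes against the pasted version:
# - tls_servername added to the Cloudflare DoT forward, so the upstream
#   certificate is checked against a name (see the forward plugin docs).
# - birb.it template regexes anchored to the end of the query name.
# - cache TTLs written as plain integers (seconds).
#
# Review notes, not changed here:
# - The last '.' block has no view, so clients outside both CIDRs are still
#   resolved. With hostNetwork the listeners sit on every node address; if a
#   node is reachable from untrusted networks, restrict clients (acl plugin
#   or a host firewall) so this does not act as an open resolver.
# - NOTE(review): the https:// listeners have no `tls` directive. As far as I
#   can tell CoreDNS then serves DoH over cleartext HTTP, which only makes
#   sense behind a TLS-terminating proxy - confirm.
# - NOTE(review): where several `forward .` directives share one block, the
#   first one matches every query, so the later ones (including the plaintext
#   dns:// "fallback") are probably never consulted - verify on the CoreDNS
#   version in use.
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns-config
  namespace: coredns
data:
  Corefile: |
    # Globals
    (cloudflare_dns) {
        timeouts {
            read 5s
            write 10s
            idle 30s
        }
        # DNS-over-TLS; tls_servername names the certificate to expect.
        forward . tls://1.1.1.1 tls://1.0.0.1 tls://2606:4700:4700::1111 tls://2606:4700:4700::1001 {
            tls_servername cloudflare-dns.com
            policy random
            max_fails 2
        }
        # Plaintext DNS: queries sent this way are readable on the path.
        forward . dns://9.9.9.9 dns://149.112.112.112 dns://2620:fe::fe dns://2620:fe::9 {
            policy random
            max_fails 2
        }
    }
    # birb.it settings
    ., https://.:5353 {
        log
        errors
        whoami
        # TTL is an integer number of seconds; "10s" would be read as a zone.
        cache 10
        view vpnnet {
            expr incidr(client_ip(), '100.64.0.0/24')
        }
        # Anchored with \.$ so only names under birb.it match, not any
        # name that merely contains ".birb.it".
        template IN A {
            match .*\.birb\.it\.$
            answer "{{ .Name }} 60 IN A 100.64.0.2"
            fallthrough
        }
        template IN AAAA {
            match .*\.birb\.it\.$
            answer "{{ .Name }} 60 IN AAAA fd7a:115c:a1e0::2"
            fallthrough
        }
        import cloudflare_dns
    }
    ., https://.:5353 {
        log
        errors
        whoami
        cache 10
        view lannet {
            expr incidr(client_ip(), '192.168.1.0/24')
        }
        template IN A {
            match .*\.birb\.it\.$
            answer "{{ .Name }} 60 IN A 192.168.1.3"
            fallthrough
        }
        template IN AAAA {
            match .*\.birb\.it\.$
            answer "{{ .Name }} 60 IN AAAA 2003:f5:6722:6801:481:31ff:fe2b:aaaa"
            fallthrough
        }
        import cloudflare_dns
    }
    # Alternative-root TLDs. The tls:// upstreams below carry no
    # tls_servername; one name cannot cover upstreams run by different
    # operators, so their certificates are not pinned to a name here.
    bbs, chan, cyb, dyn, geek, gopher, indy, libre, neo, null, o, oss, oz, parody, pirate {
        timeouts {
            read 10s
            write 20s
            idle 60s
        }
        cache 60
        forward . tls://161.97.219.84 tls://2001:470:4212:10:0:100:53:10
        forward . tls://116.203.104.203 tls://2a01:4f8:c2c:da9c::1
        forward . tls://94.103.153.176 tls://2a02:990:219:1:ba:1337:cafe:3
        forward . tls://207.192.71.13
        forward . tls://178.63.116.152 tls://2a01:4f8:141:4281::999
        forward . tls://116.202.53.163
        forward . tls://188.226.146.136 tls://2a03:b0c0:0:1010::13f:6001
        forward . tls://5.161.104.68 tls://2a01:4ff:f0:873f::1
        forward . tls://79.124.7.81
        forward . tls://188.230.215.50 tls://2a01:261:e80:4800::1
        #forward . tls://80.152.203.134 tls://2003:a:64b:3b00::2
        # Fallback to DNS
        forward . dns://161.97.219.84 dns://2001:470:4212:10:0:100:53:10
        forward . dns://116.203.104.203 dns://2a01:4f8:c2c:da9c::1
        forward . dns://94.103.153.176 dns://2a02:990:219:1:ba:1337:cafe:3
        forward . dns://207.192.71.13
        forward . dns://178.63.116.152 dns://2a01:4f8:141:4281::999
        forward . dns://116.202.53.163
        forward . dns://188.226.146.136 dns://2a03:b0c0:0:1010::13f:6001
        forward . dns://5.161.104.68 dns://2a01:4ff:f0:873f::1
        forward . dns://79.124.7.81
        forward . dns://188.230.215.50 dns://2a01:261:e80:4800::1
    }
    # Finalizer
    ., https://.:5353 {
        cache 10
        import cloudflare_dns
    }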
---
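# Runs one CoreDNS pod per node, in the node's own network namespace, using
# the Corefile from the coredns-config ConfigMap. Nesting is restored and the
# config mount is marked read-only.
#
# Review notes:
# - hostNetwork: true puts the DNS listeners on every address of every node
#   the pod is scheduled on, control-plane nodes included via the tolerations.
#   Client restrictions therefore have to come from the Corefile or a host
#   firewall.
# - The image is referenced by the mutable `latest` tag, so nodes can end up
#   on different builds and an upstream change rolls out unreviewed. Pin a
#   release tag or digest once a version has been chosen.
# - No securityContext or resource limits are set. Consider dropping
#   capabilities other than NET_BIND_SERVICE and a read-only root filesystem
#   - TODO confirm the chosen image still starts with those settings.
# - The Corefile is mounted through subPath, so edits to the ConfigMap do not
#   reach running pods; restart the DaemonSet after changing it.
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: coredns-app
  namespace: coredns
spec:
  selector:
    matchLabels:
      app: coredns
  template:
    metadata:
      labels:
        app: coredns
    spec:
      tolerations:
        # these tolerations are to have the daemonset runnable on control plane nodes
        # remove them if your control plane nodes should not run pods
        - key: node-role.kubernetes.io/control-plane
          operator: Exists
          effect: NoSchedule
        - key: node-role.kubernetes.io/master
          operator: Exists
          effect: NoSchedule
      hostNetwork: true
      containers:
        - name: coredns
          image: coredns/coredns:latest
          #command: ["sh", "-c", "sleep infinity"]
          command: ["/coredns", "-conf", "/Corefile"]
          volumeMounts:
            - name: config-volume
              mountPath: /Corefile
              subPath: Corefile
              readOnly: true
      volumes:
        - name: config-volume
          configMap:
            name: coredns-config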