Hi,
You are right, it is only usefull for a very small environment. It is for home, at work I really don't care about adding one (or more) systems to the environment. (ansible plays will keep them up2date and configured properly)
But I think I have figured it out. It is possible to specify a global forwarder with an alternative port, hence I could configure a container on the ipa server system listening on a different port and add that one as a forwarder. If it starts complaining about the ip being its own I will use cni to assign a different external ip to that container.
I will test this in the next few days.
Rob
Op wo 9 feb. 2022 om 22:39 schreef Rafael Jeffman rjeffman@redhat.com:
Hi Rob,
On Wed, Feb 9, 2022 at 9:32 AM Rob Verduijn via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote:
Hi all,
I'm trying to reduce the number of systems in my network. Currently if I want to use a pi-hole in combination with freeipa one of them is going to use the other as a forwarder.
And without some firewall/router port redirection magic (also hopelessly complicating things) this is not going to run on one system.
Did anybody manage to integrate pi-hole into freeipa as a plugin or some other nifty solution making it possible to run it all on one system ?
This doesn't seem likely to be done soon, or ever, even if it is something I'd personally have use for.
You could have a single pi-hole in your network, but you would like to have at least two IPA servers, a master and a replica.
For very small setups, it would be a nice exercise, but apart from that I don't see much use in having both in the system (and sharing scarce resources).
Rafael
Rob
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
-- Rafael Guterres Jeffman Senior Software Engineer FreeIPA - Red Hat