Hi,
You are right, it is only usefull for a very small environment.
It is for home, at work I really don't care about adding one (or more)
systems to the environment. (ansible plays will keep them up2date and
configured properly)
But I think I have figured it out.
It is possible to specify a global forwarder with an alternative port,
hence I could configure a container on the ipa server system listening on a
different port and add that one as a forwarder.
If it starts complaining about the ip being its own I will use cni to
assign a different external ip to that container.
I will test this in the next few days.
Rob
Op wo 9 feb. 2022 om 22:39 schreef Rafael Jeffman <rjeffman(a)redhat.com>:
Hi Rob,
On Wed, Feb 9, 2022 at 9:32 AM Rob Verduijn via FreeIPA-users <
freeipa-users(a)lists.fedorahosted.org> wrote:
> Hi all,
>
> I'm trying to reduce the number of systems in my network.
> Currently if I want to use a pi-hole in combination with freeipa one of
> them is going to use the other as a forwarder.
>
> And without some firewall/router port redirection magic (also hopelessly
> complicating things) this is not going to run on one system.
>
> Did anybody manage to integrate pi-hole into freeipa as a plugin or some
> other nifty solution making it possible to run it all on one system ?
>
>
This doesn't seem likely to be done soon, or ever, even if it is
something I'd personally have use for.
You could have a single pi-hole in your network, but you would
like to have at least two IPA servers, a master and a replica.
For very small setups, it would be a nice exercise, but apart
from that I don't see much use in having both in the system
(and sharing scarce resources).
Rafael
Rob
>
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
> To unsubscribe send an email to
> freeipa-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
>
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
>
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
> Do not reply to spam on the list, report it:
>
https://pagure.io/fedora-infrastructure
>
--
Rafael Guterres Jeffman
Senior Software Engineer
FreeIPA - Red Hat