complete pihole role

defaults/main.yml

@@ -1,2 +1,28 @@
 ---
-# defaults file for ansible-pihole
+# defaults file for ansible-pihole
+
+pihole_container_name: pihole
+pihole_image_name: pihole/pihole:latest
+pihole_admin_password:
+
+pihole_host_dir_dnsmasqd: /etc/docker-{{pihole_container_name}}/dnsmasq.d/
+pihole_host_dir_pihole: /etc/docker-{{pihole_container_name}}/pihole/
+pihole_volumes:
+  - "{{ docker_pihole_host_dir_pihole }}:/etc/pihole/"
+  - "{{ docker_pihole_host_dir_dnsmasqd }}:/etc/dnsmasq.d/"
+pihole_http_port: 8090
+pihole_port:
+  - "53:53/tcp"
+  - "53:53/udp"
+  - "67:67/udp"
+  - "{{pihole_http_port}}:80/tcp"
+
+pihole_forwarder1: '1.1.1.1'
+pihole_forwarder2: '80.67.169.40'
+pihole_timezone: "Europe/Paris"
+pihole_local_domain: pihole.lan
+pihole_local_reverse_domain: '1.168.192.in-addr.arpa'
+pihole_local_resolver:
+pihole_dns_servers:
+  - '127.0.0.1'
+  - '{{pihole_local_resolver | default(1.1.1.1)}}'

handlers/main.yml

@@ -1,2 +1,8 @@
 ---
-# handlers file for ansible-pihole
+# handlers file for ansible-pihole
+
+- name: restart pihole container
+  docker_container:
+    name: "{{ docker_pihole_container_name }}"
+    state: started
+    restart: yes

tasks/main.yml

@@ -1,31 +1,34 @@
 ---
 # tasks file for ansible-pihole
 
+- name: "Set the __docker_pihole_admin_password fact"
+  set_fact:
+    __docker_pihole_random_password: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') }}"
+    __docker_pihole_admin_password: "{{ pihole_admin_password | default(__docker_pihole_random_password) }}"
 
-version: "3"
-services:
-  pihole:
-    container_name: pihole
-    image: pihole/pihole:latest
-    ports:
-      - "53:53/tcp"
-      - "53:53/udp"
-      - "67:67/udp"
-      - "8090:80/tcp"
-      - "8091:443/tcp"
-    environment:
-      TZ: 'Europe/Paris'
-      WEBPASSWORD: 'XiEHusW6'
-      DNS1: '1.1.1.1'
-      DNS2: '80.67.169.40'
-
-      # WEBPASSWORD: 'set a secure password here or it will be random'
-    # Volumes store your data between container upgrades
-    volumes:
-       - '/etc/docker/pihole/:/etc/pihole/'
-       - '/etc/docker/dnsmasq.d/:/etc/dnsmasq.d/'
-    # Recommended but not required (DHCP needs NET_ADMIN)
-    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
-    cap_add:
+- name: "[docker] Setup the pi-hole docker container"
+  docker_container:
+    name: "{{ pihole_container_name }}"
+    image: "{{ pihole_image_name }}"
+    state: started
+    restart: yes
+    restart_policy: 'unless-stopped'
+    volumes: "{{ pihole_volumes }}"
+    published_ports: "{{ pihole_port }}"
+    env:
+      TZ: "{{pihole_timezone }}"
+      WEBPASSWORD: "{{ __docker_pihole_admin_password }}"
+      DNS1: "{{pihole_forwarder1}}"
+      DNS2: "{{pihole_forwarder2}}"
+    capabilities: 
       - NET_ADMIN
-    restart: 'no'
+    dns_servers: "{{ pihole_dns_servers }}"
+
+
+- name: "add custom dnsmask file"
+  template:
+      dest: "{{pihole_host_dir_dnsmasqd}}" # required. Location to render the template to on the remote machine.
+      src: 02-localresolver.conf.j2 # required. Path of a Jinja2 formatted template on the Ansible controller. This can be a relative or absolute path.
+  when: pihole_local_resolver is defined
+  notify: restart pihole container
+  

templates/02-localresolver.conf.j2

@@ -0,0 +1,5 @@
+# {{ ansible_managed }}
+## local domain forwarder
+
+server=/{{pihole_local_domain}}/{{pihole_local_resolver}}
+server=/{{pihole_local_reverse_domain}}/{{pihole_local_resolver}}