diff --git a/defaults/main.yml b/defaults/main.yml index e2b218b..143ca21 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,2 +1,28 @@ --- -# defaults file for ansible-pihole \ No newline at end of file +# defaults file for ansible-pihole + +pihole_container_name: pihole +pihole_image_name: pihole/pihole:latest +pihole_admin_password: + +pihole_host_dir_dnsmasqd: /etc/docker-{{pihole_container_name}}/dnsmasq.d/ +pihole_host_dir_pihole: /etc/docker-{{pihole_container_name}}/pihole/ +pihole_volumes: + - "{{ docker_pihole_host_dir_pihole }}:/etc/pihole/" + - "{{ docker_pihole_host_dir_dnsmasqd }}:/etc/dnsmasq.d/" +pihole_http_port: 8090 +pihole_port: + - "53:53/tcp" + - "53:53/udp" + - "67:67/udp" + - "{{pihole_http_port}}:80/tcp" + +pihole_forwarder1: '1.1.1.1' +pihole_forwarder2: '80.67.169.40' +pihole_timezone: "Europe/Paris" +pihole_local_domain: pihole.lan +pihole_local_reverse_domain: '1.168.192.in-addr.arpa' +pihole_local_resolver: +pihole_dns_servers: + - '127.0.0.1' + - '{{pihole_local_resolver | default(1.1.1.1)}}' \ No newline at end of file diff --git a/handlers/main.yml b/handlers/main.yml index 5b910d9..2da9cb2 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,2 +1,8 @@ --- -# handlers file for ansible-pihole \ No newline at end of file +# handlers file for ansible-pihole + +- name: restart pihole container + docker_container: + name: "{{ docker_pihole_container_name }}" + state: started + restart: yes \ No newline at end of file diff --git a/tasks/main.yml b/tasks/main.yml index ae069d1..358a048 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,31 +1,34 @@ --- # tasks file for ansible-pihole +- name: "Set the __docker_pihole_admin_password fact" + set_fact: + __docker_pihole_random_password: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') }}" + __docker_pihole_admin_password: "{{ pihole_admin_password | default(__docker_pihole_random_password) }}" -version: "3" -services: - pihole: - container_name: pihole - image: pihole/pihole:latest - ports: - - "53:53/tcp" - - "53:53/udp" - - "67:67/udp" - - "8090:80/tcp" - - "8091:443/tcp" - environment: - TZ: 'Europe/Paris' - WEBPASSWORD: 'XiEHusW6' - DNS1: '1.1.1.1' - DNS2: '80.67.169.40' - - # WEBPASSWORD: 'set a secure password here or it will be random' - # Volumes store your data between container upgrades - volumes: - - '/etc/docker/pihole/:/etc/pihole/' - - '/etc/docker/dnsmasq.d/:/etc/dnsmasq.d/' - # Recommended but not required (DHCP needs NET_ADMIN) - # https://github.com/pi-hole/docker-pi-hole#note-on-capabilities - cap_add: +- name: "[docker] Setup the pi-hole docker container" + docker_container: + name: "{{ pihole_container_name }}" + image: "{{ pihole_image_name }}" + state: started + restart: yes + restart_policy: 'unless-stopped' + volumes: "{{ pihole_volumes }}" + published_ports: "{{ pihole_port }}" + env: + TZ: "{{pihole_timezone }}" + WEBPASSWORD: "{{ __docker_pihole_admin_password }}" + DNS1: "{{pihole_forwarder1}}" + DNS2: "{{pihole_forwarder2}}" + capabilities: - NET_ADMIN - restart: 'no' + dns_servers: "{{ pihole_dns_servers }}" + + +- name: "add custom dnsmask file" + template: + dest: "{{pihole_host_dir_dnsmasqd}}" # required. Location to render the template to on the remote machine. + src: 02-localresolver.conf.j2 # required. Path of a Jinja2 formatted template on the Ansible controller. This can be a relative or absolute path. + when: pihole_local_resolver is defined + notify: restart pihole container + \ No newline at end of file diff --git a/templates/02-localresolver.conf.j2 b/templates/02-localresolver.conf.j2 new file mode 100644 index 0000000..6265573 --- /dev/null +++ b/templates/02-localresolver.conf.j2 @@ -0,0 +1,5 @@ +# {{ ansible_managed }} +## local domain forwarder + +server=/{{pihole_local_domain}}/{{pihole_local_resolver}} +server=/{{pihole_local_reverse_domain}}/{{pihole_local_resolver}}