complete pihole role

This commit is contained in:
vincent 2020-07-05 12:11:55 +02:00
parent c5751bbae2
commit 10ac6fe6f4
4 changed files with 68 additions and 28 deletions

View File

@ -1,2 +1,28 @@
---
# defaults file for ansible-pihole
pihole_container_name: pihole
pihole_image_name: pihole/pihole:latest
pihole_admin_password:
pihole_host_dir_dnsmasqd: /etc/docker-{{pihole_container_name}}/dnsmasq.d/
pihole_host_dir_pihole: /etc/docker-{{pihole_container_name}}/pihole/
pihole_volumes:
- "{{ docker_pihole_host_dir_pihole }}:/etc/pihole/"
- "{{ docker_pihole_host_dir_dnsmasqd }}:/etc/dnsmasq.d/"
pihole_http_port: 8090
pihole_port:
- "53:53/tcp"
- "53:53/udp"
- "67:67/udp"
- "{{pihole_http_port}}:80/tcp"
pihole_forwarder1: '1.1.1.1'
pihole_forwarder2: '80.67.169.40'
pihole_timezone: "Europe/Paris"
pihole_local_domain: pihole.lan
pihole_local_reverse_domain: '1.168.192.in-addr.arpa'
pihole_local_resolver:
pihole_dns_servers:
- '127.0.0.1'
- '{{pihole_local_resolver | default(1.1.1.1)}}'

View File

@ -1,2 +1,8 @@
---
# handlers file for ansible-pihole
- name: restart pihole container
docker_container:
name: "{{ docker_pihole_container_name }}"
state: started
restart: yes

View File

@ -1,31 +1,34 @@
---
# tasks file for ansible-pihole
- name: "Set the __docker_pihole_admin_password fact"
set_fact:
__docker_pihole_random_password: "{{ lookup('password', '/dev/null chars=ascii_letters,digits') }}"
__docker_pihole_admin_password: "{{ pihole_admin_password | default(__docker_pihole_random_password) }}"
version: "3"
services:
pihole:
container_name: pihole
image: pihole/pihole:latest
ports:
- "53:53/tcp"
- "53:53/udp"
- "67:67/udp"
- "8090:80/tcp"
- "8091:443/tcp"
environment:
TZ: 'Europe/Paris'
WEBPASSWORD: 'XiEHusW6'
DNS1: '1.1.1.1'
DNS2: '80.67.169.40'
# WEBPASSWORD: 'set a secure password here or it will be random'
# Volumes store your data between container upgrades
volumes:
- '/etc/docker/pihole/:/etc/pihole/'
- '/etc/docker/dnsmasq.d/:/etc/dnsmasq.d/'
# Recommended but not required (DHCP needs NET_ADMIN)
# https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
cap_add:
- name: "[docker] Setup the pi-hole docker container"
docker_container:
name: "{{ pihole_container_name }}"
image: "{{ pihole_image_name }}"
state: started
restart: yes
restart_policy: 'unless-stopped'
volumes: "{{ pihole_volumes }}"
published_ports: "{{ pihole_port }}"
env:
TZ: "{{pihole_timezone }}"
WEBPASSWORD: "{{ __docker_pihole_admin_password }}"
DNS1: "{{pihole_forwarder1}}"
DNS2: "{{pihole_forwarder2}}"
capabilities:
- NET_ADMIN
restart: 'no'
dns_servers: "{{ pihole_dns_servers }}"
- name: "add custom dnsmask file"
template:
dest: "{{pihole_host_dir_dnsmasqd}}" # required. Location to render the template to on the remote machine.
src: 02-localresolver.conf.j2 # required. Path of a Jinja2 formatted template on the Ansible controller. This can be a relative or absolute path.
when: pihole_local_resolver is defined
notify: restart pihole container

View File

@ -0,0 +1,5 @@
# {{ ansible_managed }}
## local domain forwarder
server=/{{pihole_local_domain}}/{{pihole_local_resolver}}
server=/{{pihole_local_reverse_domain}}/{{pihole_local_resolver}}