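# Create the per-user parent directory; the container task bind-mounts
# /home/<user>/pihole/pihole and /home/<user>/pihole/dnsmasq.d from beneath it.
- name: Create pihole directory
  file:
    path: "/home/{{ ansible_user }}/pihole"
    state: directory
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"
    # Quoted so the mode always reaches the module as the octal string "0755",
    # independent of how the YAML loader types a bare leading-zero number.
    # NOTE(review): 0755 lets every local account traverse and list this
    # directory; confirm nothing sensitive lands directly in it, or tighten.
    mode: "0755"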
# Record the link-local IPv6 address of the default interface in the `ipv6`
# fact. The interface is taken from ansible_default_ipv6.interface and falls
# back to ansible_default_ipv4.interface when the former is not defined.
- name: Get IPv6 link local address
  # Only entries whose scope contains 'link' set the fact. If several match,
  # the last one wins; if none match, `ipv6` is never defined and any later
  # task that reads it will fail.
  when: "'link' in item.scope"
  set_fact:
    ipv6: "{{ item.address }}"
  loop: "{{ vars['ansible_' + ansible_default_ipv6.interface | default(ansible_default_ipv4.interface)].ipv6 }}"
  loop_control:
    # Show just the address per iteration instead of the whole item.
    label: "{{ item.address }}"
# HA mode: advertise the keepalived virtual IPs as the DNS endpoints.
- name: Determine Pi-hole host IPs (HA mode)
  # NOTE(review): this is a bare truthiness test; if pihole_ha_mode can arrive
  # as a string (for example from the command line), confirm it is cast to a
  # boolean before it gets here.
  when: pihole_ha_mode
  set_fact:
    execution_mode: "HA setup with keepalived"
    # The VIP variables are split on '/', keeping the part before any prefix
    # length.
    pihole_local_ipv4: "{{ pihole_vip_ipv4.split('/')[0] }}"
    pihole_local_ipv6: "{{ pihole_vip_ipv6.split('/')[0] }}"
# Single-node mode: advertise this host's own addresses as the DNS endpoints.
- name: Determine Pi-hole host IPs (single mode)
  when: not pihole_ha_mode
  set_fact:
    execution_mode: "single node setup"
    # IPv4 comes from the inventory address of the host.
    pihole_local_ipv4: "{{ ansible_host }}"
    # IPv6 reuses the `ipv6` fact, so that fact must already be defined.
    pihole_local_ipv6: "{{ ipv6 }}"
# Run (or replace) the Pi-hole container on the host network.
- name: Start/Update pihole container
  docker_container:
    name: pihole
    image: "{{ pihole_image }}"
    # Always pull, so a moved tag is picked up on every run.
    # NOTE(review): if pihole_image is a mutable tag rather than a digest,
    # each run trusts whatever the registry currently serves under it.
    pull: true
    restart_policy: unless-stopped
    # The container shares the host's network stack; the network-related
    # capabilities listed below therefore act on the host's interfaces.
    network_mode: host
    dns_servers:
      - '127.0.0.1'
      - "{{ static_dns }}"
    env:
      TZ: "{{ timezone }}"
      # The admin password is handed over as an environment variable, so it is
      # readable by anyone who can inspect the container.
      # NOTE(review): it may also appear in verbose task output; consider
      # whether this task should suppress logging.
      WEBPASSWORD: "{{ pihole_webpassword }}"
      PIHOLE_DNS_: "{{ pihole_dns }}"
      DNSMASQ_LISTENING: "local"
      REV_SERVER: "{{ pihole_rev_server }}"
      REV_SERVER_DOMAIN: "{{ pihole_rev_server_domain }}"
      REV_SERVER_TARGET: "{{ pihole_rev_server_target }}"
      REV_SERVER_CIDR: "{{ pihole_rev_server_cidr }}"
      FTLCONF_MAXDBDAYS: "{{ pihole_ftl_max_db_days }}"
    volumes:
      - "/home/{{ ansible_user }}/pihole/pihole/:/etc/pihole/"
      - "/home/{{ ansible_user }}/pihole/dnsmasq.d/:/etc/dnsmasq.d/"
    # Bound the json-file log: five files of at most 10 MB each.
    log_driver: json-file
    log_options:
      max-size: "10m"
      max-file: "5"
    # Capabilities added on top of the runtime's default set; nothing is
    # dropped here.
    # NOTE(review): CAP_NET_ADMIN is, as far as I know, only needed when
    # Pi-hole also serves DHCP; confirm each entry is required for this setup.
    capabilities:
      - CAP_NET_BIND_SERVICE
      - CAP_NET_RAW
      - CAP_NET_ADMIN
      - CAP_SYS_NICE
      - CAP_CHOWN
# Poll the admin page over plain HTTP on localhost until it answers with 200:
# up to 5 retries, 10 seconds apart.
- name: Check pihole container
  uri:
    url: http://localhost/admin
  register: result
  retries: 5
  delay: 10
  until: result.status == 200
# Prune images once the new container is running.
- name: Remove old image versions
  docker_prune:
    images: true
    images_filters:
      # With dangling=false the prune is not limited to untagged layers: every
      # image on this host that no container uses is removed, not only older
      # Pi-hole images.
      dangling: false
# Print the addresses clients should use as their DNS server, as set by
# whichever of the two "Determine Pi-hole host IPs" tasks ran.
- name: INFORMATION
  debug:
    msg:
      - "In the {{ execution_mode }} make sure to point your DNS server settings here:"
      - "DNSv4: {{ pihole_local_ipv4 }}"
      - "DNSv6: {{ pihole_local_ipv6 }}"