This repository has been archived on 2023-12-29. You can view files and clone it, but cannot push or open issues or pull requests.
pi-ansible/roles/docker_services/tasks/services/pihole.yml

81 lines
2.2 KiB
YAML
Raw Normal View History

2023-05-28 15:58:12 +00:00
# vim: ft=yaml.ansible
---
2023-05-28 18:01:35 +00:00
- name: Create Pi-hole volume base directory
ansible.builtin.file:
name: "{{ services.pihole.volume }}"
owner: root
mode: u=rwx,g=rx,o=rx
state: directory
- name: Create Pi-hole volume directory pihole
ansible.builtin.file:
name: "{{ services.pihole.volume }}/pihole"
owner: '999'
group: '1000'
2023-05-28 20:41:01 +00:00
mode: u=rwx,g=rwx,o=rx
2023-05-28 18:01:35 +00:00
state: directory
- name: Create other Pi-hole volume directories
2023-05-28 15:58:12 +00:00
ansible.builtin.file:
name: "{{ services.pihole.volume }}/{{ dir }}"
owner: root
mode: u=rwx,g=rx,o=rx
state: directory
loop:
- dnsmasq.d
2023-05-28 18:01:35 +00:00
- unbound
2023-05-28 15:58:12 +00:00
loop_control:
loop_var: dir
2023-05-28 18:01:35 +00:00
- name: Copy forward-records.conf for Unbound
ansible.builtin.copy:
src: pihole/forward-records.conf
dest: "{{ services.pihole.volume }}/unbound/forward-records.conf"
owner: root
mode: u=rw,g=r,o=r
- name: Deploy Pi-hole with Docker Compose
community.docker.docker_compose:
project_name: pihole
2023-08-05 12:36:12 +00:00
state: "{{ 'absent' if down is defined and down else 'present' }}"
restarted: "{{ restart is defined and restart }}"
recreate: "{{ 'always' if recreate is defined and recreate else 'smart' }}"
2023-05-28 18:01:35 +00:00
pull: true
definition:
version: '3.8'
services:
app:
image: pihole/pihole:{{ services.pihole.version }}
restart: always
environment:
DNSMASQ_LISTENING: all
2023-05-28 20:32:33 +00:00
DHCP_ACTIVE: 'false'
DNSSEC: 'true'
2023-05-28 18:01:35 +00:00
PIHOLE_DNS_: unbound
2023-05-28 20:32:33 +00:00
WEBPASSWORD: "{{ secrets.pihole.web_pw }}"
2023-05-28 18:01:35 +00:00
TZ: "{{ timezone }}"
networks:
default:
services:
aliases:
- pihole
2023-05-28 18:01:35 +00:00
volumes:
- "{{ services.pihole.volume }}/pihole:/etc/pihole:rw"
- "{{ services.pihole.volume }}/dnsmasq.d:/etc/dnsmasq.d:rw"
ports:
- 53:53/tcp
- 53:53/udp
2023-05-28 20:32:33 +00:00
depends_on:
- unbound
2023-05-28 15:58:12 +00:00
2023-05-28 18:01:35 +00:00
unbound:
image: mvance/unbound-rpi:{{ services.pihole.unbound_version }}
restart: always
volumes:
- "{{ services.pihole.volume }}/unbound/forward-records.conf:/opt/unbound/etc/unbound/forward-records.conf:ro"
networks:
services:
external: true