# vim: ft=yaml.ansible --- - name: Create Pi-hole volume base directory ansible.builtin.file: name: "{{ services.pihole.volume }}" owner: root mode: u=rwx,g=rx,o=rx state: directory - name: Create Pi-hole volume directory pihole ansible.builtin.file: name: "{{ services.pihole.volume }}/pihole" owner: '999' group: '1000' mode: u=rwx,g=rwx,o=rx state: directory - name: Create other Pi-hole volume directories ansible.builtin.file: name: "{{ services.pihole.volume }}/{{ dir }}" owner: root mode: u=rwx,g=rx,o=rx state: directory loop: - dnsmasq.d - unbound loop_control: loop_var: dir - name: Copy forward-records.conf for Unbound ansible.builtin.copy: src: pihole/forward-records.conf dest: "{{ services.pihole.volume }}/unbound/forward-records.conf" owner: root mode: u=rw,g=r,o=r - name: Deploy Pi-hole with Docker Compose community.docker.docker_compose: project_name: pihole state: "{{ 'absent' if stop is defined and stop else 'present' }}" restarted: "{{ stop is undefined or not stop }}" pull: true definition: version: '3.8' services: app: image: pihole/pihole:{{ services.pihole.version }} restart: always environment: DNSMASQ_LISTENING: all DHCP_ACTIVE: 'false' DNSSEC: 'true' PIHOLE_DNS_: unbound WEBPASSWORD: "{{ secrets.pihole.web_pw }}" TZ: "{{ timezone }}" volumes: - "{{ services.pihole.volume }}/pihole:/etc/pihole:rw" - "{{ services.pihole.volume }}/dnsmasq.d:/etc/dnsmasq.d:rw" ports: - 53:53/tcp - 53:53/udp - 81:80/tcp depends_on: - unbound unbound: image: mvance/unbound-rpi:{{ services.pihole.unbound_version }} restart: always volumes: - "{{ services.pihole.volume }}/unbound/forward-records.conf:/opt/unbound/etc/unbound/forward-records.conf:ro"