From 271204d4e9afdc969e11af765be04ab1440ac4bc Mon Sep 17 00:00:00 2001
From: Roxedus <me@roxedus.dev>
Date: Tue, 18 Oct 2022 22:13:55 +0200
Subject: [PATCH] pi things

---
 ansible/group_vars/piholes.yml                      |  9 +++++++++
 .../roles/pi_dnsmasq/templates/02-custom.conf.j2    |  4 ++++
 ansible/roles/pihole/tasks/configure.yml            | 10 +++++++++-
 ansible/run.yml                                     | 13 +++++++++++++
 4 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/ansible/group_vars/piholes.yml b/ansible/group_vars/piholes.yml
index 9701ee5..217aae6 100644
--- a/ansible/group_vars/piholes.yml
+++ b/ansible/group_vars/piholes.yml
@@ -8,6 +8,8 @@ dnsmasq:
       host: "{{ secret_unraid_uuid }}.unraid.net"
     - ip: 10.0.0.35
       host: "proxmox.{{ dmasq_local_domain }}"
+    - ip: 10.0.0.38
+      host: "adguard01.{{ dmasq_local_domain }}"
 
     - ip: 10.0.2.70
       host: "controlplane.kube.{{ dmasq_local_domain }}"
@@ -21,6 +23,13 @@ dnsmasq:
     - ip: 10.0.2.16
       host: "r710.man.{{ dmasq_local_domain }}"
 
+  srv:
+    - service: VLMCS
+      protocol: TCP
+      domain: "{{ dmasq_local_domain }}"
+      url: 10.0.2.70
+      port: 1688
+
   servers:
     - gateway: 10.0.0.1
       host: "{{ dmasq_local_domain }}"
diff --git a/ansible/roles/pi_dnsmasq/templates/02-custom.conf.j2 b/ansible/roles/pi_dnsmasq/templates/02-custom.conf.j2
index 7a675e0..b2a7a4a 100644
--- a/ansible/roles/pi_dnsmasq/templates/02-custom.conf.j2
+++ b/ansible/roles/pi_dnsmasq/templates/02-custom.conf.j2
@@ -6,6 +6,10 @@ addn-hosts=/etc/hosts.custom
 address=/{{ alias.host }}/{{ alias.ip }}
 {% endfor %}
 
+{% for srv in dnsmasq.srv %}
+srv-host=_{{ srv.service }}._{{ srv.protocol | default("tcp") | upper }}.{{ srv.domain }},{{ srv.url | default(srv.service + "." + srv.domain) }},{{ srv.port }}
+{% endfor %}
+
 {% for server in dnsmasq.servers %}
 {% if server.reverse|default(False) %}
 rev-server={{ server.mask }},{{ server.gateway }}
diff --git a/ansible/roles/pihole/tasks/configure.yml b/ansible/roles/pihole/tasks/configure.yml
index 79d8e70..4c7cd78 100644
--- a/ansible/roles/pihole/tasks/configure.yml
+++ b/ansible/roles/pihole/tasks/configure.yml
@@ -27,7 +27,7 @@
   ansible.builtin.lineinfile:
     path: /etc/pihole/setupVars.conf
     regexp: "^DNSMASQ_LISTENING="
-    line: DNSMASQ_LISTENING=bind
+    line: DNSMASQ_LISTENING=single
     create: yes
 
 - name: Set pihole fqdn forwarding
@@ -45,3 +45,11 @@
     regexp: "^DNS_BOGUS_PRIV="
     line: DNS_BOGUS_PRIV=true
     create: yes
+
+- name: Set pihole iCloud relay
+  become: true
+  ansible.builtin.lineinfile:
+    path: /etc/pihole/setupVars.conf
+    regexp: "^BLOCK_ICLOUD_PR="
+    line: BLOCK_ICLOUD_PR=false
+    create: yes
diff --git a/ansible/run.yml b/ansible/run.yml
index b018cb0..269974b 100644
--- a/ansible/run.yml
+++ b/ansible/run.yml
@@ -217,8 +217,21 @@
           dtparam=poe_fan_temp1=60000
           dtparam=poe_fan_temp2=63000
           dtparam=poe_fan_temp3=66000
+
+          dtoverlay=vc4-fkms-v3d
         dest: /boot/firmware/usercfg.txt
 
+- hosts: piholes
+  vars_files:
+    - "vars/vault.yml"
+  tags:
+    - pihole
+    - update
+  roles:
+    - role: pihole_updatelist
+    - role: pi_dnsmasq
+    - role: pihole
+
 # - hosts: usg
 #   vars_files:
 #     - "vars/vault.yml"