Init PiHole role

This commit is contained in:
Roxedus 2021-08-17 00:05:31 +02:00
parent ae7575d508
commit 3dc2ee311a
Signed by: Roxedus
GPG Key ID: 9B4E311961C63639
5 changed files with 126 additions and 60 deletions

View File

@ -0,0 +1,41 @@
- name: Set pihole webpassword
ansible.builtin.lineinfile:
path: /etc/pihole/setupVars.conf
regexp: "^WEBPASSWORD="
line: WEBPASSWORD={{ pihole.password | hash("sha256") | hash("sha256") | default("")}}
create: yes
- name: Set pihole theme
ansible.builtin.lineinfile:
path: /etc/pihole/setupVars.conf
regexp: "^WEBTHEME="
line: WEBTHEME=default-dark #default-dark default-darker default-light
create: yes
- name: Set pihole layout
ansible.builtin.lineinfile:
path: /etc/pihole/setupVars.conf
regexp: "^WEBUIBOXEDLAYOUT="
line: WEBUIBOXEDLAYOUT=boxed
create: yes
- name: Set pihole listen
ansible.builtin.lineinfile:
path: /etc/pihole/setupVars.conf
regexp: "^DNSMASQ_LISTENING="
line: DNSMASQ_LISTENING=local
create: yes
- name: Set pihole fqdn forwarding
ansible.builtin.lineinfile:
path: /etc/pihole/setupVars.conf
regexp: "^DNS_FQDN_REQUIRED="
line: DNS_FQDN_REQUIRED=true
create: yes
- name: Set pihole reverse lookup
ansible.builtin.lineinfile:
path: /etc/pihole/setupVars.conf
regexp: "^DNS_BOGUS_PRIV="
line: DNS_BOGUS_PRIV=true
create: yes

View File

@ -0,0 +1,43 @@
- name: Get dependencies for PiHole
when: not pihole_setup.stat.exists
become: yes
ansible.builtin.apt:
name:
[
"cron",
"curl",
"dhcpcd5",
"dns-root-data",
"dnsutils",
"git",
"idn2",
"idn2",
"iputils-ping",
"libcap2-bin",
"libcap2",
"lighttpd",
"lsof",
"netcat",
"php-cgi",
"php-cli",
"php-curl",
"php-intl",
"php-sqlite3",
"php-xml",
"psmisc",
"sqlite3",
"sudo",
"unzip",
"wget",
"whiptail",
]
state: latest
- name: Checkout PiHole
become: yes
ansible.builtin.git:
repo: "https://github.com/pi-hole/pi-hole.git"
clone: yes
dest: "/etc/.pihole"
depth: 1
umask: "022"

View File

@ -0,0 +1,18 @@
- name: Check if PiHole is cloned
stat:
path: "/etc/pihole"
register: pihole_clone
- name: Gather PiHole
when: not pihole_clone.stat.exists
include: gather.yml
- name: Check if PiHole is installed
stat:
path: "/usr/local/bin/pihole"
register: pihole_bin
- name: Configure PiHole
when: pihole_bin.stat.exists
include: configure.yml
become: yes

View File

@ -0,0 +1,21 @@
{{ ansible_managed | comment}}
PIHOLE_INTERFACE=eth0
IPV4_ADDRESS={{ ansible_default_ipv4.address|default(ansible_all_ipv4_addresses[0]) }}/24
IPV6_ADDRESS=
QUERY_LOGGING=true
INSTALL_WEB_SERVER=true
INSTALL_WEB_INTERFACE=true
LIGHTTPD_ENABLED=true
CACHE_SIZE=10000
BLOCKING_ENABLED=true
WEBPASSWORD={{ secret_sudo | hash('sha256') | hash('sha256') }}
ADMIN_EMAIL=
WEBUIBOXEDLAYOUT=boxed
WEBTHEME=default-dark
DNSMASQ_LISTENING=local
PIHOLE_DNS_1=208.67.222.222
PIHOLE_DNS_2=208.67.220.220
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=false
DNSSEC=false
REV_SERVER=false

View File

@ -155,68 +155,11 @@
- hosts: piholes - hosts: piholes
vars_files: vars_files:
- "vars/vault.yml" - "vars/vault.yml"
pre_tasks: tags: [update, pihole]
- name: Checkout pihole
tags: [never, init, pihole]
become: yes
ansible.builtin.git:
repo: "https://github.com/pi-hole/pi-hole.git"
clone: yes
dest: "/etc/.pihole"
depth: 1
umask: "022"
- name: Checkout pihole_updatelist
tags: [never, init, pihole]
ansible.builtin.git:
repo: "https://github.com/jacklul/pihole-updatelists.git"
clone: yes
dest: "/home/{{ users.0.username }}/pihole_updatelist"
depth: 1
- name: Get dependencies
become: yes
tags: [never, init, pihole]
ansible.builtin.apt:
name:
[
"cron",
"curl",
"dhcpcd5",
"dns-root-data",
"dns-root-data",
"dnsutils",
"git",
"idn2",
"idn2",
"iputils-ping",
"libcap2-bin",
"libcap2",
"lighttpd",
"lsof",
"netcat",
"php-cgi",
"php-cli",
"php-curl",
"php-intl",
"php-sqlite3",
"php-sqlite3",
"php-xml",
"psmisc",
"sqlite3",
"sudo",
"unzip",
"unzip",
"wget",
"whiptail",
]
state: latest
roles: roles:
- role: pi_updatelist - role: pihole_updatelist
tags: [update]
- role: pi_dnsmasq - role: pi_dnsmasq
tags: [update] - role: pihole
- hosts: all - hosts: all
become: yes become: yes