Initial commit

defaults/main.yml

@@ -0,0 +1,2 @@
+---
+pihole_os_supported: False

handlers/main.yml

@@ -0,0 +1 @@
+---

tasks/main.yml

@@ -0,0 +1,65 @@
+---
+- name: Set OS dependent variables
+  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution | lower }}_{{ ansible_distribution_version | lower }}.yml"
+        - "{{ ansible_distribution | lower }}_{{ ansible_distribution_major_version | lower }}.yml"
+        - "{{ ansible_distribution | lower }}.yml"
+        - "{{ ansible_os_family | lower }}.yml"
+        - "{{ ansible_system | lower }}.yml"
+      paths:
+        - '{{ role_path }}/vars'
+  ignore_errors: True
+
+- name: OS is supported
+  ansible.builtin.assert:
+    that: __os_supported
+    quiet: True
+  vars:
+    __os_supported: "{{ lookup('vars', '{}_os_supported'.format(role_name)) | bool }}"
+
+
+- name: Check whether pi-hole is installed
+  stat:
+    path: /etc/pihole
+  register: pihole_dir
+
+- name: Clone the pi-hole repo
+  ansible.builtin.git:
+    repo: https://github.com/pi-hole/pi-hole.git
+    depth: 1
+    dest: "/var/pi-hole"
+    version: master
+  when: not pihole_dir.stat.exists
+
+- name: Set /etc/pihole/setupVars.conf
+  template:
+    src: setupVars.conf.j2
+    dest: /etc/pihole/setupVars.conf
+    owner: root
+    mode: 0400
+  when: not pihole_dir.stat.exists
+
+# pihole unattented install only works if /etc/pihole/setupVars.conf already exists
+# debug tip: keep track of the install progress by tailing the log-file
+- name: Run pi-hole install script
+  ansible.builtin.shell: "'/var/pi-hole/automated install/basic-install.sh' --unattended >> {{ ansible_env.HOME }}/pihole_install.log"
+  args:
+    warn: false
+  when: not pihole_dir.stat.exists
+
+- name: Set admin password
+  shell: "pihole -a -p {{ pihole_admin_password }}"
+
+- name: Set local DNS entries
+  template:
+    src: custom.list.j2
+    dest: /etc/pihole/custom.list
+    owner: root
+    mode: 0664
+
+- name: Restart pihole
+  become: yes
+  shell: "pihole restartdns"

templates/custom.list.j2

@@ -0,0 +1,3 @@
+{% for dns_entry in local_dns_entries %}
+{{ dns_entry.ip4 }} {{ dns_entry.domain }}
+{% endfor %}

templates/setupVars.conf.j2

@@ -0,0 +1,18 @@
+PIHOLE_INTERFACE=eth0
+IPV4_ADDRESS={{ query('community.general.dig', inventory_hostname, 'qtype=A') | first }}/24
+{# IPV6_ADDRESS={{ query('community.general.dig', inventory_hostname, 'qtype=AAAA') | first }} #}
+QUERY_LOGGING=true
+INSTALL_WEB_SERVER=true
+INSTALL_WEB_INTERFACE=true
+LIGHTTPD_ENABLED=true
+CACHE_SIZE=10000
+BLOCKING_ENABLED=true
+{# doesn't matter, password will be set using pihole cli later #}
+WEBPASSWORD=642da416d1acba139eb3514b7ef3318104937f4eeceb8b33663d46c23f56dbfa
+DNSMASQ_LISTENING=single
+PIHOLE_DNS_1=192.168.2.105#5335
+PIHOLE_DNS_2=208.67.222.220
+DNS_FQDN_REQUIRED=true
+DNS_BOGUS_PRIV=true
+DNSSEC=false
+REV_SERVER=false

vars/debian.yml

@@ -0,0 +1,2 @@
+---
+pihole_os_supported: True