diff --git a/README.md b/README.md new file mode 100644 index 0000000..484d527 --- /dev/null +++ b/README.md @@ -0,0 +1,11 @@ +ansible role to deploy and configure pihole, including local DNS entries + +# Required variables +... e.g. in `group_vars` +- `local_dns_entries` A list of local DNS entries to be set up. Only IPv4 is supported currently. Example: + ``` + local_dns_entries: + - domain: printer.local + ip4: 192.168.1.50 + ``` +- `pihole_admin_password` The password to be used on the WebUI login. Should be defined in an encrypted ansible vault \ No newline at end of file diff --git a/defaults/main.yml b/defaults/main.yml index ee579bb..0129ce7 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,2 +1,5 @@ --- -pihole_os_supported: False \ No newline at end of file +pihole_os_supported: False + +pihole_primary_dns_server: "208.67.222.220" +pihole_fallback_dns_server: "208.67.222.222" \ No newline at end of file diff --git a/tasks/main.yml b/tasks/main.yml index f97d40d..072a11a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -23,21 +23,21 @@ - name: Check whether pi-hole is installed stat: - path: /etc/pihole + path: "{{ pihole_config_dir }}" register: pihole_dir - name: Clone the pi-hole repo ansible.builtin.git: repo: https://github.com/pi-hole/pi-hole.git depth: 1 - dest: "/var/pi-hole" + dest: "{{ pihole_download_dir }}" version: master when: not pihole_dir.stat.exists -- name: Set /etc/pihole/setupVars.conf +- name: Set setupVars.conf template: src: setupVars.conf.j2 - dest: /etc/pihole/setupVars.conf + dest: "{{ pihole_config_dir }}setupVars.conf" owner: root mode: 0400 when: not pihole_dir.stat.exists 
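Review bot: The two new defaults in defaults/main.yml have no comment, and together with the template change they alter behaviour for hosts that already use the role: `PIHOLE_DNS_1` was `192.168.2.105#5335` and now becomes `208.67.222.220` unless the variable is overridden. Both defaults look like public resolver addresses, so client queries would presumably be forwarded off-site by default. I would add a comment above them such as `# Upstream resolvers written to PIHOLE_DNS_1/2 ("ip" or "ip#port"); override in group_vars.` and list both variables in the README next to the required ones.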
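Review bot: The new `dest: "{{ pihole_config_dir }}setupVars.conf"` is only correct while the variable ends in `/`; an override without the trailing slash writes the 0400-protected file to a path like `/etc/piholesetupVars.conf` and the installer then finds no config. The same bare concatenation is used for the install script path and for `custom.list` in the two later tasks/main.yml hunks, and the slash convention is only implied by the values in vars/debian.yml. Joining the parts explicitly removes that dependency, e.g. `dest: "{{ (pihole_config_dir, 'setupVars.conf') | path_join }}"`. Both variables are defined only in vars/debian.yml, so a comment there stating what the tasks expect would help as well.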
@@ -45,7 +45,7 @@ # pihole unattented install only works if /etc/pihole/setupVars.conf already exists # debug tip: keep track of the install progress by tailing the log-file - name: Run pi-hole install script - ansible.builtin.shell: "'/var/pi-hole/automated install/basic-install.sh' --unattended >> {{ ansible_env.HOME }}/pihole_install.log" + ansible.builtin.shell: "'{{ pihole_download_dir }}automated install/basic-install.sh' --unattended >> {{ ansible_env.HOME }}/pihole_install.log" args: warn: false when: not pihole_dir.stat.exists @@ -56,7 +56,7 @@ - name: Set local DNS entries template: src: custom.list.j2 - dest: /etc/pihole/custom.list + dest: "{{ pihole_config_dir }}custom.list" owner: root mode: 0664 diff --git a/templates/setupVars.conf.j2 b/templates/setupVars.conf.j2 index 3b381fc..fc98c07 100644 --- a/templates/setupVars.conf.j2 +++ b/templates/setupVars.conf.j2 @@ -8,10 +8,10 @@ LIGHTTPD_ENABLED=true CACHE_SIZE=10000 BLOCKING_ENABLED=true {# doesn't matter, password will be set using pihole cli later #} -WEBPASSWORD=642da416d1acba139eb3514b7ef3318104937f4eeceb8b33663d46c23f56dbfa +WEBPASSWORD=642da416d1acba139eb35a948e43318104937f4eeceb8b33663d46c23f56dbfa DNSMASQ_LISTENING=single -PIHOLE_DNS_1=192.168.2.105#5335 -PIHOLE_DNS_2=208.67.222.220 +PIHOLE_DNS_1={{ pihole_primary_dns_server }} +PIHOLE_DNS_2={{ pihole_fallback_dns_server }} DNS_FQDN_REQUIRED=true DNS_BOGUS_PRIV=true DNSSEC=false diff --git a/vars/debian.yml b/vars/debian.yml index 2256703..a62c480 100644 --- a/vars/debian.yml +++ b/vars/debian.yml @@ -1,2 +1,5 @@ --- -pihole_os_supported: True \ No newline at end of file +pihole_os_supported: True + +pihole_config_dir: /etc/pihole/ +pihole_download_dir: /var/pi-hole/ \ No newline at end of file
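Review bot: `pihole_download_dir` is now templated straight into the `ansible.builtin.shell` string between hand-written single quotes, so a value containing a quote or another shell metacharacter changes the command that is executed. Let the filter do the quoting instead: `"{{ (pihole_download_dir, 'automated install/basic-install.sh') | path_join | quote }} --unattended >> {{ (ansible_env.HOME ~ '/pihole_install.log') | quote }}"`. The script being run comes from the `version: master` clone in the previous hunk, so pinning that checkout to a tag or commit would make what executes here reproducible and reviewable. The comment above the task still names `/etc/pihole/setupVars.conf` although the path is now variable.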
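Review bot: `WEBPASSWORD` is still a hard-coded hash in the template, and this commit only swaps one literal for another, so the previous value stays in the repository history. If the earlier hash was ever derived from a real password, treat that password as exposed and rotate it. Until the later CLI step mentioned in the Jinja comment runs (it is outside this hunk), the web UI is protected only by whatever this literal corresponds to, and it stays that way if that step fails. Deriving the value from the vaulted variable closes that window, e.g. `WEBPASSWORD={{ pihole_admin_password | hash('sha256') | hash('sha256') }}`, assuming the installed Pi-hole version uses the double SHA-256 format; confirm that before relying on it.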