diff --git a/ansible/roles/docker/files/dnsmasq/dnsmasq.conf b/ansible/roles/docker/files/dnsmasq/dnsmasq.conf
deleted file mode 100644
index 5c937bd..0000000
--- a/ansible/roles/docker/files/dnsmasq/dnsmasq.conf
+++ /dev/null
@@ -1,7 +0,0 @@
-bogus-priv
-keep-in-foreground
-server=1.1.1.1
-server=1.0.0.1
-port=53
-expand-hosts
-addn-hosts=/etc/dnsmasq-hosts.conf
diff --git a/ansible/roles/docker/files/dnsmasq/docker-compose.yml b/ansible/roles/docker/files/dnsmasq/docker-compose.yml
deleted file mode 100644
index a3dc22a..0000000
--- a/ansible/roles/docker/files/dnsmasq/docker-compose.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-version: "2.3"
-services:
- vpn-dns:
- image: programster/dnsmasq:latest
- container_name: vpn-dns
- ports:
- - "{{ wireguard.clients.intersect.ip }}:53:53/udp"
- volumes:
- - ./dnsmasq.conf:/etc/dnsmasq.conf:ro
- - ./vpn-hosts.conf:/etc/dnsmasq-hosts.conf:ro
- restart: unless-stopped
diff --git a/ansible/roles/docker/files/dnsmasq/vpn-hosts.conf b/ansible/roles/docker/files/dnsmasq/vpn-hosts.conf
deleted file mode 100644
index 71db069..0000000
--- a/ansible/roles/docker/files/dnsmasq/vpn-hosts.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-{% for host in internal_hostnames %}
-{{ wireguard.clients.intersect.ip }} {{ host }}
-{% endfor %}
diff --git a/ansible/roles/docker/files/pihole/dnsmasq-vpn.conf b/ansible/roles/docker/files/pihole/dnsmasq-vpn.conf
new file mode 100644
index 0000000..1400b28
--- /dev/null
+++ b/ansible/roles/docker/files/pihole/dnsmasq-vpn.conf
@@ -0,0 +1,3 @@
+{% for host in internal_hostnames %}
+host-record={{ host }},{{ wireguard.clients.intersect.ip }}
+{% endfor %}
diff --git a/ansible/roles/docker/files/pihole/docker-compose.yml b/ansible/roles/docker/files/pihole/docker-compose.yml
index 2d70d44..3a2a009 100644
--- a/ansible/roles/docker/files/pihole/docker-compose.yml
+++ b/ansible/roles/docker/files/pihole/docker-compose.yml
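Review bot: `bogus-priv`, which the deleted `dnsmasq.conf` set, is not carried into the new `dnsmasq-vpn.conf`, and nothing else visible in this diff sets it for the Pi-hole resolver. Without it, reverse lookups for private address ranges that have no local record are forwarded to the upstream servers, which exposes internal addressing to them. Either add a `bogus-priv` line above the `{% for %}` loop or confirm that Pi-hole's own generated configuration already enables it. A first line of `# {{ ansible_managed }}` would also mark the rendered `02-vpn.conf` as generated, so nobody edits it by hand on the host.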
@@ -5,14 +5,14 @@ services:
 container_name: pihole
 image: pihole/pihole:v4.4
 ports:
- - "{{ wireguard.clients.intersect.ip }}:5353:53/tcp"
- - "{{ wireguard.clients.intersect.ip }}:5353:53/udp"
+ - "{{ wireguard.clients.intersect.ip }}:53:53/tcp"
+ - "{{ wireguard.clients.intersect.ip }}:53:53/udp"
 environment:
 - TZ=Europe/London
 - VIRTUAL_HOST=pihole.jakehoward.tech
 volumes:
- - ./etc-pihole/:/etc/pihole/
- - ./etc-dnsmasq.d/:/etc/dnsmasq.d/
+ - ./pihole/:/etc/pihole/
+ - ./dnsmasq.d/:/etc/dnsmasq.d/
 restart: unless-stopped
 labels:
 - "traefik.enable=true"
diff --git a/ansible/roles/docker/tasks/dnsmasq.yml b/ansible/roles/docker/tasks/dnsmasq.yml
deleted file mode 100644
index a1d318e..0000000
--- a/ansible/roles/docker/tasks/dnsmasq.yml
+++ /dev/null
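Review bot: Nothing visible in this diff migrates the existing data when the bind-mount sources under `volumes:` change from `./etc-pihole/` and `./etc-dnsmasq.d/` to `./pihole/` and `./dnsmasq.d/`. On a host that is already deployed, the container would presumably start with an empty `/etc/pihole` and lose its settings and lists, while the old directories stay behind under `/opt/pihole`. A one-off task that moves the old directories before the container is cycled, or a note in the commit message, would cover it. The `ports:` entries keep the resolver bound to the WireGuard address only; a comment such as `# DNS is published on the VPN address only, never on 0.0.0.0` above them would record that this is deliberate.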
@@ -1,54 +0,0 @@
-- name: Include dnsmasq variables
- include_vars: dnsmasq.yml
-
-- name: Create dnsmasq directory
- file:
- path: '/opt/dnsmasq'
- state: directory
- owner: "{{ docker_user.name }}"
- mode: "{{ docker_compose_directory_mask }}"
- become: true
- become_user: root
-
-- name: Install dnsmasq compose file
- template:
- src: files/dnsmasq/docker-compose.yml
- dest: "/opt/dnsmasq/docker-compose.yml"
- mode: "{{ docker_compose_file_mask }}"
- owner: "{{ docker_user.name }}"
- validate: /usr/bin/docker-compose -f %s config
- register: compose_file
- become: true
- become_user: root
-
-- name: Install dnsmasq config
- template:
- src: files/dnsmasq/dnsmasq.conf
- dest: "/opt/dnsmasq/dnsmasq.conf"
- mode: "{{ docker_compose_file_mask }}"
- owner: "{{ docker_user.name }}"
- register: dnsmasq_config
- become: true
- become_user: root
-
-- name: Install dnsmasq vpn hosts
- template:
- src: files/dnsmasq/vpn-hosts.conf
- dest: "/opt/dnsmasq/vpn-hosts.conf"
- mode: "{{ docker_compose_file_mask }}"
- owner: "{{ docker_user.name }}"
- register: dnsmasq_vpn_hosts
- become: true
- become_user: root
-
-- name: Cycle dnsmasq container
- docker_compose:
- project_src: /opt/dnsmasq
- pull: true
- remove_orphans: true
- remove_volumes: true
- state: "{{ item }}"
- when: compose_file.changed or dnsmasq_config.changed or dnsmasq_vpn_hosts.changed
- loop:
- - absent
- - present
diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml
index 4041589..e5b40d5 100644
--- a/ansible/roles/docker/tasks/main.yml
+++ b/ansible/roles/docker/tasks/main.yml
@@ -13,9 +13,6 @@
 - name: Install portainer
 include: portainer.yml
 
-- name: Install dnsmasq
- include: dnsmasq.yml
-
 - name: Install whoami
 include: whoami.yml
 
diff --git a/ansible/roles/docker/tasks/pihole.yml b/ansible/roles/docker/tasks/pihole.yml
index c5a142d..3ce22cd 100644
--- a/ansible/roles/docker/tasks/pihole.yml
+++ b/ansible/roles/docker/tasks/pihole.yml
@@ -1,3 +1,6 @@
+- name: Include pihole variables
+ include_vars: pihole.yml
+
 - name: Create pihole directory
 file:
 path: '/opt/pihole'
@@ -18,6 +21,24 @@
 become: true
 become_user: root
 
+- name: Create dnsmasq directory
+ file:
+ path: '/opt/pihole/dnsmasq.d/'
+ state: directory
+ mode: "{{ docker_compose_directory_mask }}"
+ become: true
+ become_user: root
+
+- name: Install dnsmasq hosts config
+ template:
+ src: files/pihole/dnsmasq-vpn.conf
+ dest: "/opt/pihole/dnsmasq.d/02-vpn.conf"
+ mode: "{{ docker_compose_file_mask }}"
+ owner: "{{ docker_user.name }}"
+ register: dnsmasq_vpn_hosts
+ become: true
+ become_user: root
+
 - name: Cycle pihole container
 docker_compose:
 project_src: /opt/pihole
@@ -25,7 +46,7 @@
 remove_orphans: true
 remove_volumes: true
 state: "{{ item }}"
- when: compose_file.changed
+ when: compose_file.changed or dnsmasq_vpn_hosts.changed
 loop:
 - absent
 - present
diff --git a/ansible/roles/docker/vars/dnsmasq.yml b/ansible/roles/docker/vars/pihole.yml
similarity index 100%
rename from ansible/roles/docker/vars/dnsmasq.yml
rename to ansible/roles/docker/vars/pihole.yml
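Review bot: The new `Create dnsmasq directory` task sets no `owner`, so a freshly created `/opt/pihole/dnsmasq.d/` ends up owned by root while the `02-vpn.conf` installed into it is owned by `docker_user.name`. The removed dnsmasq role set the owner on its directory, so this looks like an omission rather than a choice. Add `owner: "{{ docker_user.name }}"` under `file:`, or if root ownership is intended, say so in a comment, since the directory is bind-mounted into the resolver container and holds configuration it loads at start.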
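Review bot: With the widened `when:`, a change to the hosts file alone now runs the full `absent`/`present` cycle with `pull: true` and `remove_volumes: true`, so the DNS service that VPN clients depend on is torn down and recreated each time an internal hostname is added. The records are loaded from a config file, so the container does need a restart, but not a re-pull or re-creation. Consider keeping the cycle on `when: compose_file.changed` and adding a second `docker_compose` task for the same project with `restarted: true` and `when: dnsmasq_vpn_hosts.changed and not compose_file.changed`. The `Cycle pihole container` task starts above this hunk, so its first lines are not visible here.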