systems/infrastructure
1
Fork 0
Code Issues 1 Pull requests 17 Activity Actions

Merge custom dnsmasq config into pihole

Browse source
This commit is contained in:
Jake Howard 2020-03-17 20:29:40 +00:00
parent 8093bcbcbb
commit 24686f8cb3
Signed by: jake
GPG key ID: 57AFB45680EDD477
9 changed files with 29 additions and 83 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
ansible/roles/docker/files/dnsmasq/dnsmasq.conf
View file

@ -1,7 +0,0 @@
bogus-priv
keep-in-foreground
server=1.1.1.1
server=1.0.0.1
port=53
expand-hosts
addn-hosts=/etc/dnsmasq-hosts.conf

11
ansible/roles/docker/files/dnsmasq/docker-compose.yml
View file

@ -1,11 +0,0 @@
version: "2.3"
services:
vpn-dns:
image: programster/dnsmasq:latest
container_name: vpn-dns
ports:
- "{{ wireguard.clients.intersect.ip }}:53:53/udp"
volumes:
- ./dnsmasq.conf:/etc/dnsmasq.conf:ro
- ./vpn-hosts.conf:/etc/dnsmasq-hosts.conf:ro
restart: unless-stopped

3
ansible/roles/docker/files/dnsmasq/vpn-hosts.conf
View file

@ -1,3 +0,0 @@
{% for host in internal_hostnames %}
{{ wireguard.clients.intersect.ip }} {{ host }}
{% endfor %}

3
ansible/roles/docker/files/pihole/dnsmasq-vpn.conf Normal file
View file

@ -0,0 +1,3 @@
{% for host in internal_hostnames %}
host-record={{ host }},{{ wireguard.clients.intersect.ip }}
{% endfor %}

8
ansible/roles/docker/files/pihole/docker-compose.yml
View file

@ -5,14 +5,14 @@ services:
container_name: pihole container_name: pihole
image: pihole/pihole:v4.4 image: pihole/pihole:v4.4
ports: ports:
- "{{ wireguard.clients.intersect.ip }}:5353:53/tcp" - "{{ wireguard.clients.intersect.ip }}:53:53/tcp"
- "{{ wireguard.clients.intersect.ip }}:5353:53/udp" - "{{ wireguard.clients.intersect.ip }}:53:53/udp"
environment: environment:
- TZ=Europe/London - TZ=Europe/London
- VIRTUAL_HOST=pihole.jakehoward.tech - VIRTUAL_HOST=pihole.jakehoward.tech
volumes: volumes:
- ./etc-pihole/:/etc/pihole/ - ./pihole/:/etc/pihole/
- ./etc-dnsmasq.d/:/etc/dnsmasq.d/ - ./dnsmasq.d/:/etc/dnsmasq.d/
restart: unless-stopped restart: unless-stopped
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"

54
ansible/roles/docker/tasks/dnsmasq.yml
View file

@ -1,54 +0,0 @@
- name: Include dnsmasq variables
include_vars: dnsmasq.yml
- name: Create dnsmasq directory
file:
path: '/opt/dnsmasq'
state: directory
owner: "{{ docker_user.name }}"
mode: "{{ docker_compose_directory_mask }}"
become: true
become_user: root
- name: Install dnsmasq compose file
template:
src: files/dnsmasq/docker-compose.yml
dest: "/opt/dnsmasq/docker-compose.yml"
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
validate: /usr/bin/docker-compose -f %s config
register: compose_file
become: true
become_user: root
- name: Install dnsmasq config
template:
src: files/dnsmasq/dnsmasq.conf
dest: "/opt/dnsmasq/dnsmasq.conf"
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
register: dnsmasq_config
become: true
become_user: root
- name: Install dnsmasq vpn hosts
template:
src: files/dnsmasq/vpn-hosts.conf
dest: "/opt/dnsmasq/vpn-hosts.conf"
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
register: dnsmasq_vpn_hosts
become: true
become_user: root
- name: Cycle dnsmasq container
docker_compose:
project_src: /opt/dnsmasq
pull: true
remove_orphans: true
remove_volumes: true
state: "{{ item }}"
when: compose_file.changed or dnsmasq_config.changed or dnsmasq_vpn_hosts.changed
loop:
- absent
- present

3
ansible/roles/docker/tasks/main.yml
View file

@ -13,9 +13,6 @@
- name: Install portainer - name: Install portainer
include: portainer.yml include: portainer.yml
- name: Install dnsmasq
include: dnsmasq.yml
- name: Install whoami - name: Install whoami
include: whoami.yml include: whoami.yml

23
ansible/roles/docker/tasks/pihole.yml
View file

@ -1,3 +1,6 @@
- name: Include pihole variables
include_vars: pihole.yml
- name: Create pihole directory - name: Create pihole directory
file: file:
path: '/opt/pihole' path: '/opt/pihole'
@ -18,6 +21,24 @@
become: true become: true
become_user: root become_user: root
- name: Create dnsmasq directory
file:
path: '/opt/pihole/dnsmasq.d/'
state: directory
mode: "{{ docker_compose_directory_mask }}"
become: true
become_user: root
- name: Install dnsmasq hosts config
template:
src: files/pihole/dnsmasq-vpn.conf
dest: "/opt/pihole/dnsmasq.d/02-vpn.conf"
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
register: dnsmasq_vpn_hosts
become: true
become_user: root
- name: Cycle pihole container - name: Cycle pihole container
docker_compose: docker_compose:
project_src: /opt/pihole project_src: /opt/pihole
@ -25,7 +46,7 @@
remove_orphans: true remove_orphans: true
remove_volumes: true remove_volumes: true
state: "{{ item }}" state: "{{ item }}"
when: compose_file.changed when: compose_file.changed or dnsmasq_vpn_hosts.changed
loop: loop:
- absent - absent
- present - present

0
ansible/roles/docker/vars/dnsmasq.yml → ansible/roles/docker/vars/pihole.yml
View file