From 5e9c5f7683e95f638df1f9304764377d548713a5 Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Tue, 24 Jan 2023 20:15:21 +0000 Subject: [PATCH] Version pihole settings --- ansible/roles/pihole/files/setup-vars.conf | 25 ++++++++++++++++++++++ ansible/roles/pihole/tasks/main.yml | 11 ++++++++++ ansible/roles/pihole/vars/main.yml | 1 + ansible/roles/pihole/vars/vault.yml | 9 ++++++++ 4 files changed, 46 insertions(+) create mode 100644 ansible/roles/pihole/files/setup-vars.conf create mode 100644 ansible/roles/pihole/vars/main.yml create mode 100644 ansible/roles/pihole/vars/vault.yml diff --git a/ansible/roles/pihole/files/setup-vars.conf b/ansible/roles/pihole/files/setup-vars.conf new file mode 100644 index 0000000..94afbb1 --- /dev/null +++ b/ansible/roles/pihole/files/setup-vars.conf @@ -0,0 +1,25 @@ +PIHOLE_INTERFACE=eth0 +QUERY_LOGGING=false +INSTALL_WEB_SERVER=true +INSTALL_WEB_INTERFACE=true +LIGHTTPD_ENABLED=true +CACHE_SIZE=10000 +DNS_FQDN_REQUIRED=true +DNS_BOGUS_PRIV=true +DNSMASQ_LISTENING=bind +WEBPASSWORD={{ pihole_web_password | hash("sha256") | hash("sha256") }} +BLOCKING_ENABLED=true +DNSSEC=false +REV_SERVER=false +DHCP_ACTIVE=true +DHCP_START=192.168.1.10 +DHCP_END=192.168.1.199 +DHCP_ROUTER=192.168.1.1 +DHCP_LEASETIME=24 +PIHOLE_DOMAIN=lan +DHCP_IPv6=true +DHCP_rapid_commit=false +PIHOLE_DNS_1=9.9.9.10 +PIHOLE_DNS_2=149.112.112.10 +PIHOLE_DNS_3=2620:fe::10 +PIHOLE_DNS_4=2620:fe::fe:10 diff --git a/ansible/roles/pihole/tasks/main.yml b/ansible/roles/pihole/tasks/main.yml index 7b65bb9..e6153be 100644 --- a/ansible/roles/pihole/tasks/main.yml +++ b/ansible/roles/pihole/tasks/main.yml @@ -1,3 +1,6 @@ +- name: Include vault + include_vars: vault.yml + - name: Install internal alias config template: src: files/internal-alias.conf @@ -5,3 +8,11 @@ mode: 0644 notify: restart pihole FTL become: true + +- name: Install pihole config + template: + src: files/setup-vars.conf + dest: /etc/pihole/setupVars.conf + mode: 0644 + notify: restart pihole FTL + become: true diff --git a/ansible/roles/pihole/vars/main.yml b/ansible/roles/pihole/vars/main.yml new file mode 100644 index 0000000..ad43800 --- /dev/null +++ b/ansible/roles/pihole/vars/main.yml @@ -0,0 +1 @@ +pihole_web_password: "{{ vault_pihole_web_password }}" diff --git a/ansible/roles/pihole/vars/vault.yml b/ansible/roles/pihole/vars/vault.yml new file mode 100644 index 0000000..73fe04d --- /dev/null +++ b/ansible/roles/pihole/vars/vault.yml @@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.1;AES256 +66636263396334636539636365646537653432613831363035306465623566623636623464326562 +3335626466373839346639653537363162623664333432340a383061366238386564346265353835 +35373961616632643831363864643436383031383231346338353735633134383539613533663935 +3766666364623362630a633564343038316131306561363730663930393234303839613565373336 +61366230326239336635316366363238633061313138303132663563613131383033366661313165 +66353961343234643536336531313734336331643938666631616665316133386233303633663032 +62633733646131396634343932636561306636323635323536353562626334653866343337613336 +61633136303336633966