configurations-ansible/roles/pi-hole/tasks/main.yml

65 lines
1.8 KiB
YAML
Raw Normal View History

---
# tasks file for pi-hole
- name: Pi-Hole setup
when: "'global.update_only' not in ansible_run_tags"
block:
- name: Populate service facts
ansible.builtin.service_facts:
- name: Start install process for pihole if service not found
when: "ansible_facts.services['pihole-FTL.service'] is not defined"
block:
- name: Install cURL if not present
ansible.builtin.package:
name: curl
- name: Execute manually the automated install and follow instructions, after that you can install custom list
ansible.builtin.debug:
msg: "curl -sSL https://install.pi-hole.net | bash"
2022-11-21 16:52:36 +01:00
- name: iptables-webserver
ansible.builtin.include_role:
name: iptables-webserver
- name: Setup iptables rules
ansible.builtin.iptables:
chain: INPUT
protocol: '{{ item }}'
destination_port: 53
jump: ACCEPT
comment: Accept DNS connections
loop: [tcp,udp]
- name: iptables-persistent
ansible.builtin.include_role:
name: iptables-persistent
- name: Update pihole FTL
when: "'global.update_only' in ansible_run_tags"
ansible.builtin.shell: pihole -up
- block:
- name: Check if pi-hole db exists
stat:
path: /etc/pihole/gravity.db
register: pihole_db
- name: Install sqlite3 package
ansible.builtin.package:
name: sqlite3
- name: Install more lists than default
when: pihole_db.stat.exists
ansible.builtin.shell:
cmd: sqlite3 /etc/pihole/gravity.db "INSERT INTO adlist (address, enabled, comment) VALUES ('{{ item }}', 1, '');"
loop: "{{ pihole_custom_list }}"
when: "pihole_install_custom_list is true"
- name: Update Gravity
ansible.builtin.shell: pihole updateGravity
when: "
(pihole_install_custom_list is true) or
('pihole.update_gravity' in ansible_run_tags)
"