add pihole stack
This commit is contained in:
parent
7c640ae576
commit
1b8571a501
5 changed files with 66 additions and 0 deletions
|
|
@ -22,3 +22,4 @@ docker_node_labels:
|
||||||
seafile: "true"
|
seafile: "true"
|
||||||
freshrss: "true"
|
freshrss: "true"
|
||||||
nextcloud: "true"
|
nextcloud: "true"
|
||||||
|
pihole: "true"
|
||||||
|
|
|
||||||
|
|
@ -16,3 +16,4 @@
|
||||||
- {role: swarm_dashboard, tags: swarm_dashboard}
|
- {role: swarm_dashboard, tags: swarm_dashboard}
|
||||||
- {role: shephard, tags: shephard}
|
- {role: shephard, tags: shephard}
|
||||||
- {role: jitsi, tags: jitsi}
|
- {role: jitsi, tags: jitsi}
|
||||||
|
- {role: pihole, tags: pihole}
|
||||||
|
|
|
||||||
41
ansible/roles/pihole/docker-stack.yml.j2
Normal file
41
ansible/roles/pihole/docker-stack.yml.j2
Normal file
|
|
@ -0,0 +1,41 @@
|
||||||
|
# vi: ft=yaml
|
||||||
|
version: "3"
|
||||||
|
|
||||||
|
networks:
|
||||||
|
traefik:
|
||||||
|
external: true
|
||||||
|
pihole:
|
||||||
|
|
||||||
|
services:
|
||||||
|
pihole:
|
||||||
|
image: pihole/pihole:latest
|
||||||
|
ports:
|
||||||
|
- "53:53/tcp"
|
||||||
|
- "53:53/udp"
|
||||||
|
network_mode: "host"
|
||||||
|
environment:
|
||||||
|
TZ: 'Europe/Amsterdam'
|
||||||
|
WEBPASSWORD: {{ pihole_password }}
|
||||||
|
PIHOLE_DNS_: '192.168.30.1'
|
||||||
|
volumes:
|
||||||
|
- type: bind
|
||||||
|
source: /mnt/data/pihole/data
|
||||||
|
target: /etc/pihole
|
||||||
|
- type: bind
|
||||||
|
source: /mnt/data/pihole/dnsmasq
|
||||||
|
target: /etc/dnsmasq.d
|
||||||
|
networks:
|
||||||
|
- traefik
|
||||||
|
deploy:
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- "node.labels.pihole == true"
|
||||||
|
labels:
|
||||||
|
- traefik.enable=true
|
||||||
|
- traefik.http.routers.pihole.entrypoints=localsecure
|
||||||
|
- traefik.http.routers.pihole.rule=Host(`pihole.pim.kunis.nl`)
|
||||||
|
- traefik.http.routers.pihole.tls=true
|
||||||
|
- traefik.http.routers.pihole.tls.certresolver=letsencrypt
|
||||||
|
- traefik.http.routers.pihole.service=pihole
|
||||||
|
- traefik.http.services.pihole.loadbalancer.server.port=80
|
||||||
|
- traefik.docker.network=traefik
|
||||||
15
ansible/roles/pihole/tasks/main.yml
Normal file
15
ansible/roles/pihole/tasks/main.yml
Normal file
|
|
@ -0,0 +1,15 @@
|
||||||
|
- name: Create working directory
|
||||||
|
file:
|
||||||
|
path: /srv/pihole
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Copy Docker stack file
|
||||||
|
template:
|
||||||
|
src: "{{ role_path }}/docker-stack.yml.j2"
|
||||||
|
dest: /srv/pihole/docker-stack.yml
|
||||||
|
|
||||||
|
- name: Deploy Docker stack
|
||||||
|
docker_stack:
|
||||||
|
name: pihole
|
||||||
|
compose:
|
||||||
|
- /srv/pihole/docker-stack.yml
|
||||||
8
ansible/roles/pihole/vars/main.yml
Normal file
8
ansible/roles/pihole/vars/main.yml
Normal file
|
|
@ -0,0 +1,8 @@
|
||||||
|
pihole_password: !vault |
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
38616134666661363535303137373633613063613731383766303633336533373233363736333263
|
||||||
|
3461336138663861623134633031663631633666393939340a396561643132333665373430343466
|
||||||
|
36626633366232376236383434336166353638653733666566336266373739663236636334373866
|
||||||
|
3261303962613966610a643765613762396335643233383432613737316361386234663365656566
|
||||||
|
30336535326437336437383336393838306161333662346165333262383735616137653766653165
|
||||||
|
3361333436346130376261316133323963393338633838303031
|
||||||
Reference in a new issue