install pihole

host_vars/ogg

@@ -31,8 +31,16 @@ webserver_ssl: false
 
 # Liste der gehosteten Domänen
 webserver_domains:
-  - "esphome.warpzone"
-  - "unifi.warpzone"
+  - "warpsrvint.warpzone"
+  - "esphome.warpzone.lan"
+  - "fridgeserver.warpzone.lan"
+  - "grafana.warpzone.lan"
+  - "services.warpzone.lan"
+  - "ha-.warpzone.lan"
+  - "omada.warpzone.lan"
+  - "pihole.warpzone.lan"
+  - "tasmoadmin.warpzone.lan"
+  - "zigbee2mqtt.warpzone.lan"
 
 administratorenteam:
   - "void"
@@ -66,6 +74,7 @@ alert:
     - { name: "mqtt-tgfloat-1" } 
     - { name: "nodered-app-1" }
     - { name: "omada-app-1" }
+    - { name: "pihole-app-1" }
     - { name: "tasmoadmin-app-1" }
     - { name: "traefik-app-1" }
     - { name: "watchtower-app-1" }

intern/docker_pihole/tasks/main.yml

+       
+- include_tasks: ../functions/get_secret.yml
+  with_items:
+    - { path: "{{ basedir }}/secrets/admin_password",  type: create, length: 24 }
+
+- name: "create folder struct for {{ servicename }}"
+  file:
+    path: "{{ item }}"
+    state: "directory"
+  with_items:
+    - "{{ basedir }}"
+    - "{{ basedir }}/secrets"
+    - "{{ basedir }}/etc"
+    - "{{ basedir }}/dnsmasq"
+
+- name: "create config files for {{ servicename }}"
+  template:
+    src: "{{ item }}"
+    dest: "{{ basedir }}/{{ item }}"
+  with_items:
+    - docker-compose.yml
+    - dnsmasq/09-localnet.conf
+  register: config
+
+- name: "stop {{ servicename}} docker"
+  community.docker.docker_compose_v2:
+    project_src: "{{ basedir }}"
+    state: absent
+  when: config.changed
+
+- name: "start {{ servicename}} docker"
+  community.docker.docker_compose_v2:
+    project_src: "{{ basedir }}"
+    state: present
\ No newline at end of file

intern/docker_pihole/templates/dnsmasq/09-localnet.conf

+
+# DNS Entries in the Format:
+# address=/double-click.net/127.0.0.1
+{% for domain in webserver_domains %}
+address=/{{domain}}/192.168.0.201
+{% endfor %}
\ No newline at end of file

intern/docker_pihole/templates/docker-compose.yml

+services:
+  app:
+    image: pihole/pihole:latest
+    restart: always
+    ports:
+      - "53:53/tcp"
+      - "53:53/udp"
+    volumes:
+      - '{{ basedir }}/etc:/etc/pihole'
+      - '{{ basedir }}/dnsmasq:/etc/dnsmasq.d'
+    hostname: pihole
+    environment:
+      TZ: 'Europe/Berlin'
+      FTLCONF_LOCAL_IPV4: '{{ int_ip4 }}'
+      WEBPASSWORD: '{{ admin_password }}'
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.{{ servicename }}.entrypoints=websecure
+      - traefik.http.routers.{{ servicename }}.rule=Host(`{{ domain }}`)
+      - traefik.http.services.{{ servicename }}.loadBalancer.server.port=80
+    networks:
+      - default
+      - web
+
+networks:
+  web:
+    external: true
\ No newline at end of file

site.yml

@@ -231,6 +231,12 @@
         omada_port_https: 8043,
         omada_portal_https: 8843
       }
+    - { 
+        role: intern/docker_pihole, tags: pihole,
+        servicename: pihole,
+        basedir: /srv/pihole,
+        domain: "pihole.warpzone.lan"
+      }
     - { 
         role: intern/docker_tasmoadmin, tags: [ tasmoadmin, docker_services ],
         servicename: tasmoadmin,