From ee3a02532de02fa7c80c7db668f98dab151607d3 Mon Sep 17 00:00:00 2001
From: jabertwo <git@jabertwo.de>
Date: Wed, 26 Feb 2025 22:53:44 +0100
Subject: [PATCH] install pihole
---
host_vars/ogg | 13 +++++--
intern/docker_pihole/tasks/main.yml | 34 +++++++++++++++++++
.../templates/dnsmasq/09-localnet.conf | 6 ++++
.../templates/docker-compose.yml | 27 +++++++++++++++
site.yml | 6 ++++
5 files changed, 84 insertions(+), 2 deletions(-)
create mode 100644 intern/docker_pihole/tasks/main.yml
create mode 100644 intern/docker_pihole/templates/dnsmasq/09-localnet.conf
create mode 100644 intern/docker_pihole/templates/docker-compose.yml
diff --git a/host_vars/ogg b/host_vars/ogg
index 1945e2b3..887b05b9 100644
--- a/host_vars/ogg
+++ b/host_vars/ogg
@@ -31,8 +31,16 @@ webserver_ssl: false # Liste der gehosteten Domänen webserver_domains: - - "esphome.warpzone" - - "unifi.warpzone" + - "warpsrvint.warpzone" + - "esphome.warpzone.lan" + - "fridgeserver.warpzone.lan" + - "grafana.warpzone.lan" + - "services.warpzone.lan" + - "ha-.warpzone.lan" + - "omada.warpzone.lan" + - "pihole.warpzone.lan" + - "tasmoadmin.warpzone.lan" + - "zigbee2mqtt.warpzone.lan" administratorenteam: - "void"
@@ -66,6 +74,7 @@ alert: - { name: "mqtt-tgfloat-1" } - { name: "nodered-app-1" } - { name: "omada-app-1" } + - { name: "pihole-app-1" } - { name: "tasmoadmin-app-1" } - { name: "traefik-app-1" } - { name: "watchtower-app-1" }
diff --git a/intern/docker_pihole/tasks/main.yml b/intern/docker_pihole/tasks/main.yml
new file mode 100644
index 00000000..a13ffa4d
--- /dev/null
+++ b/intern/docker_pihole/tasks/main.yml
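Review bot: The added entry `"ha-.warpzone.lan"` in the first hunk has a leading label that ends in a hyphen, which is not a valid hostname label and reads like a truncated name; confirm the intended host and correct the entry. `"warpsrvint.warpzone"` is also the only added name without the `.lan` suffix, which may or may not be intended. Because the dnsmasq template added later in this patch loops over `webserver_domains`, every entry in this list now also becomes a local DNS record, so a typo here ends up in the resolver as well as in the web server configuration.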
@@ -0,0 +1,34 @@
+
+- include_tasks: ../functions/get_secret.yml
+ with_items:
+ - { path: "{{ basedir }}/secrets/admin_password", type: create, length: 24 }
+
+- name: "create folder struct for {{ servicename }}"
+ file:
+ path: "{{ item }}"
+ state: "directory"
+ with_items:
+ - "{{ basedir }}"
+ - "{{ basedir }}/secrets"
+ - "{{ basedir }}/etc"
+ - "{{ basedir }}/dnsmasq"
+
+- name: "create config files for {{ servicename }}"
+ template:
+ src: "{{ item }}"
+ dest: "{{ basedir }}/{{ item }}"
+ with_items:
+ - docker-compose.yml
+ - dnsmasq/09-localnet.conf
+ register: config
+
+- name: "stop {{ servicename}} docker"
+ community.docker.docker_compose_v2:
+ project_src: "{{ basedir }}"
+ state: absent
+ when: config.changed
+
+- name: "start {{ servicename}} docker"
+ community.docker.docker_compose_v2:
+ project_src: "{{ basedir }}"
+ state: present
\ No newline at end of file
diff --git a/intern/docker_pihole/templates/dnsmasq/09-localnet.conf b/intern/docker_pihole/templates/dnsmasq/09-localnet.conf
new file mode 100644
index 00000000..e6e27290
--- /dev/null
+++ b/intern/docker_pihole/templates/dnsmasq/09-localnet.conf
@@ -0,0 +1,6 @@
+
+# DNS Entries in the Format:
+# address=/double-click.net/127.0.0.1
+{% for domain in webserver_domains %}
+address=/{{domain}}/192.168.0.201
+{% endfor %}
\ No newline at end of file
diff --git a/intern/docker_pihole/templates/docker-compose.yml b/intern/docker_pihole/templates/docker-compose.yml
new file mode 100644
index 00000000..b7c74a8d
--- /dev/null
+++ b/intern/docker_pihole/templates/docker-compose.yml
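Review bot: The `template` task writes `docker-compose.yml` without a `mode`, and that rendered file holds the admin password in clear text (the compose template in this patch sets `WEBPASSWORD: '{{ admin_password }}'`), so its permissions are left to the default umask; the `file` task likewise sets no `mode` on `{{ basedir }}/secrets`. I would give the compose file an explicit restrictive mode by turning the loop items into dicts, as below, and create the secrets directory with `mode: "0700"` in a task of its own so the container-mounted `etc` and `dnsmasq` directories are not affected. Separately, the `get_secret.yml` include runs before the directory task; that file is not part of this patch, so confirm it creates `{{ basedir }}/secrets` itself on a first run.

```yaml
# … unchanged: task name …
  template:
    src: "{{ item.src }}"
    dest: "{{ basedir }}/{{ item.src }}"
    mode: "{{ item.mode }}"
  with_items:
    - { src: docker-compose.yml, mode: "0600" }
    - { src: dnsmasq/09-localnet.conf, mode: "0644" }
# … unchanged: register: config …
```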
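Review bot: The answer address `192.168.0.201` is hard-coded in the loop body, while the compose template in this patch takes the host address from `{{ int_ip4 }}`; if both are meant to be the same host, use the variable here too (`address=/{{ domain }}/{{ int_ip4 }}`) so the records cannot drift from the inventory. dnsmasq's `address=/name/ip` form also answers for every name below `name`, so each entry acts as a wildcard; if only the exact host should resolve, `host-record=` is the narrower directive. The header comment's example (`double-click.net` to `127.0.0.1`) describes blocking rather than what this file does, so I would replace it with a line such as `# generated from webserver_domains: local names answered with the internal web server address`.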
@@ -0,0 +1,27 @@
+services:
+ app:
+ image: pihole/pihole:latest
+ restart: always
+ ports:
+ - "53:53/tcp"
+ - "53:53/udp"
+ volumes:
+ - '{{ basedir }}/etc:/etc/pihole'
+ - '{{ basedir }}/dnsmasq:/etc/dnsmasq.d'
+ hostname: pihole
+ environment:
+ TZ: 'Europe/Berlin'
+ FTLCONF_LOCAL_IPV4: '{{ int_ip4 }}'
+ WEBPASSWORD: '{{ admin_password }}'
+ labels:
+ - traefik.enable=true
+ - traefik.http.routers.{{ servicename }}.entrypoints=websecure
+ - traefik.http.routers.{{ servicename }}.rule=Host(`{{ domain }}`)
+ - traefik.http.services.{{ servicename }}.loadBalancer.server.port=80
+ networks:
+ - default
+ - web
+
+networks:
+ web:
+ external: true
\ No newline at end of file
diff --git a/site.yml b/site.yml
index b108a0dc..6df8afae 100644
--- a/site.yml
+++ b/site.yml
@@ -231,6 +231,12 @@ omada_port_https: 8043, omada_portal_https: 8843 } + - { + role: intern/docker_pihole, tags: pihole, + servicename: pihole, + basedir: /srv/pihole, + domain: "pihole.warpzone.lan" + } - { role: intern/docker_tasmoadmin, tags: [ tasmoadmin, docker_services ], servicename: tasmoadmin,
-- GitLab
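Review bot: `image: pihole/pihole:latest` puts the network's resolver on a floating tag, so whatever is published next is pulled on the next recreate (the alert list in this patch names a watchtower container, which may make that automatic; not confirmed from here). Pin a release tag or digest instead, e.g. `image: pihole/pihole:<pinned-version>`. A floating tag also means the environment names the image honours can change underneath this file, so confirm the pulled version still reads `WEBPASSWORD`; otherwise the admin password set here is silently ignored. The `ports` entries `"53:53/tcp"` and `"53:53/udp"` publish DNS on every host interface; if only the internal network should be served, bind them to the internal address, e.g. `"{{ int_ip4 }}:53:53/udp"`.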
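Review bot: The new role entry sets only `tags: pihole`, while the neighbouring tasmoadmin entry visible in this hunk uses `tags: [ tasmoadmin, docker_services ]`. If `docker_services` is how the container roles are run as a group, pihole would be skipped by such a run, so consider `tags: [ pihole, docker_services ]` unless the omission is deliberate. The entry also passes no `int_ip4`, which the compose template in this patch requires; presumably it comes from host_vars, which is worth confirming. The roles list starts and ends outside the hunk.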