Diffstat (limited to 'playbooks')
-rw-r--r-- | playbooks/labdns.yml | 7 | ||||
-rw-r--r-- | playbooks/pihole.yml | 7 | ||||
-rw-r--r-- | playbooks/roles/labdns/tasks/main.yml (renamed from playbooks/roles/pihole/tasks/main.yml) | 7 | ||||
-rw-r--r-- | playbooks/roles/labdns/templates/stacks/docker-compose.yml | 30 | ||||
-rw-r--r-- | playbooks/roles/labdns/templates/volumes/unbound/a-records.conf | 4 | ||||
-rw-r--r-- | playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf | 5 | ||||
-rw-r--r-- | playbooks/roles/pihole/templates/stacks/docker-compose.yml | 43 | ||||
-rw-r--r-- | playbooks/roles/pihole/templates/volumes/dnsmasq/.gitkeep | 0 | ||||
-rw-r--r-- | playbooks/roles/pihole/templates/volumes/pihole/.gitkeep | 0 |
9 files changed, 49 insertions, 54 deletions
diff --git a/playbooks/labdns.yml b/playbooks/labdns.yml new file mode 100644 index 0000000..59e09ec --- /dev/null +++ b/playbooks/labdns.yml @@ -0,0 +1,7 @@ +--- + +- name: labdns setup + hosts: labdns + become: true + roles: + - labdns diff --git a/playbooks/pihole.yml b/playbooks/pihole.yml deleted file mode 100644 index 6a8b523..0000000 --- a/playbooks/pihole.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -- name: pihole setup - hosts: pihole - become: true - roles: - - pihole diff --git a/playbooks/roles/pihole/tasks/main.yml b/playbooks/roles/labdns/tasks/main.yml index fc526dc..20c95f7 100644 --- a/playbooks/roles/pihole/tasks/main.yml +++ b/playbooks/roles/labdns/tasks/main.yml @@ -1,9 +1,8 @@ --- -- name: Deploy pihole +- name: Deploy labdns ansible.builtin.import_tasks: manage-docker-swarm-service.yml vars: - service_name: pihole + service_name: labdns template_render_dir: "../templates" - service_destination_dir: "{{ pihole_base }}" - + service_destination_dir: "{{ labdns_base }}" diff --git a/playbooks/roles/labdns/templates/stacks/docker-compose.yml b/playbooks/roles/labdns/templates/stacks/docker-compose.yml new file mode 100644 index 0000000..3327c18 --- /dev/null +++ b/playbooks/roles/labdns/templates/stacks/docker-compose.yml 
@@ -0,0 +1,30 @@
+---
+
+services:
+ labdns:
+ image: mvance/unbound:latest
+ ports:
+ - "53:53/udp"
+ - "53:53/tcp"
+ volumes:
+ - {{ labdns_base }}/volumes/unbound/forward-records.conf:/opt/unbound/etc/unbound/forward-records.conf:ro
+ - {{ labdns_base }}/volumes/unbound/a-records.conf:/opt/unbound/etc/unbound/a-records.conf:ro
+ environment:
+ - TZ={{ timezone }}
+ - DEPLOYMENT_TIME={{ deployment_time }}
+{% if not homelab_build %}
+ healthcheck:
+ test: ["CMD-SHELL", "drill loadbalancer.{{ domain }} @127.0.0.1 | grep -q {{ loadbalancer_ip }}"]
+ retries: 3
+ timeout: 5s
+ start_period: 8s
+{% endif %}
+ deploy:
+ mode: replicated
+ update_config:
+ parallelism: 1
+ failure_action: rollback
+ order: start-first
+ monitor: 25s
+ replicas: 2
+
diff --git a/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
new file mode 100644
index 0000000..9462aab
--- /dev/null
+++ b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
@@ -0,0 +1,4 @@
+# {{ domain }}
+{% for service in internal_services %}
+local-data: "{{ service }}.{{ domain }}. A {{ loadbalancer_ip }}"
+{% endfor %}
diff --git a/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
new file mode 100644
index 0000000..19af327
--- /dev/null
+++ b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
@@ -0,0 +1,5 @@
+forward-zone:
+ name: "."
+ forward-addr: 1.1.1.1@853#cloudflare-dns.com
+ forward-addr: 1.0.0.1@853#cloudflare-dns.com
+ forward-tls-upstream: yes
diff --git a/playbooks/roles/pihole/templates/stacks/docker-compose.yml b/playbooks/roles/pihole/templates/stacks/docker-compose.yml
deleted file mode 100644
index 573121f..0000000
--- a/playbooks/roles/pihole/templates/stacks/docker-compose.yml
+++ /dev/null
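Review bot: `image: mvance/unbound:latest` leaves the resolver on a mutable tag, so every redeploy runs whatever the upstream publisher last pushed, and with `replicas: 2` and `order: start-first` the two tasks can end up on different builds. Pin a version and digest and bump it deliberately, e.g. `image: mvance/unbound:<pinned-version>@sha256:<digest>` (placeholders, not real values). Separately, in the healthcheck `grep -q {{ loadbalancer_ip }}` treats the dots of the address as regex wildcards; `grep -qF` would match it literally.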
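Review bot: The template emits only `local-data` lines and no `local-zone` for `{{ domain }}`, so a name under the domain that is not in `internal_services` will presumably fall through to the `.` forward zone in forward-records.conf and be sent to the public upstream. If `{{ domain }}` is internal-only, consider adding `local-zone: "{{ domain }}." static` above the loop so unknown internal names are answered locally rather than disclosed; if the domain also carries public records, keep the current behaviour and say so in the header comment. The values are interpolated unescaped inside a quoted string, so it is worth asserting in the role that each `internal_services` entry is a plain DNS label.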
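Review bot: `forward-tls-upstream: yes` with the `#cloudflare-dns.com` name only authenticates the upstream when the `server:` section loads CA certificates (`tls-cert-bundle` or `tls-system-cert`), and no server config is part of this commit, so verification depends on the unbound.conf shipped in the image. Confirm that it is set there, or mount a server config that sets it; otherwise the DoT sessions are encrypted but the peer certificate is not checked. A header comment recording the dependency would help, e.g. `# requires tls-cert-bundle in server: for upstream certificate verification`.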
@@ -1,43 +0,0 @@
-services:
- pihole:
- image: pihole/pihole:latest
- ports:
- - "53:53/udp"
- - "53:53/tcp"
- volumes:
- - {{ pihole_base }}/volumes/pihole:/etc/pihole
- - {{ pihole_base }}/volumes/dnsmasq:/etc/dnsmasq.d
- environment:
- - DEPLOYMENT_TIME={{ deployment_time }}
- - TZ={{ timezone }}
- - FTLCONF_webserver_api_password={{ pihole_webpwd }}
- - FTLCONF_dns_upstreams={{ upstream_dns_servers | join(';') }}
- networks:
- - proxy
-{% if not homelab_build %}
- healthcheck:
- test: ["CMD-SHELL", "dig loadbalancer.{{ domain }} @127.0.0.1 | grep -q {{ loadbalancer_ip }}"]
- retries: 3
- timeout: 5s
- start_period: 8s
-{% endif %}
- deploy:
- mode: replicated
- update_config:
- parallelism: 1
- order: start-first
- failure_action: rollback
- monitor: 10s
- replicas: 1
- labels:
- - traefik.enable=true
- - traefik.swarm.network=proxy
- - traefik.http.routers.piholeweb.tls=true
- - traefik.http.routers.piholeweb.tls.certResolver=letsencrypt
- - traefik.http.routers.piholeweb.rule=Host(`{{ pihole_domain }}`)
- - traefik.http.routers.piholeweb.entrypoints=websecure
- - traefik.http.services.piholeweb.loadbalancer.server.port=80
-
-networks:
- proxy:
- external: true
diff --git a/playbooks/roles/pihole/templates/volumes/dnsmasq/.gitkeep b/playbooks/roles/pihole/templates/volumes/dnsmasq/.gitkeep
deleted file mode 100644
index e69de29..0000000
--- a/playbooks/roles/pihole/templates/volumes/dnsmasq/.gitkeep
+++ /dev/null
diff --git a/playbooks/roles/pihole/templates/volumes/pihole/.gitkeep b/playbooks/roles/pihole/templates/volumes/pihole/.gitkeep
deleted file mode 100644
index e69de29..0000000
--- a/playbooks/roles/pihole/templates/volumes/pihole/.gitkeep
+++ /dev/null |