Diffstat (limited to 'roles/pihole/tasks')
-rw-r--r--roles/pihole/tasks/main.yml36
1 files changed, 36 insertions, 0 deletions
diff --git a/roles/pihole/tasks/main.yml b/roles/pihole/tasks/main.yml
new file mode 100644
index 0000000..0467b80
--- /dev/null
+++ b/roles/pihole/tasks/main.yml
@@ -0,0 +1,36 @@
+---
+- name: ensure pihole docker/compose exist
+ file:
+ path: /etc/docker/compose/pihole
+ state: directory
+ owner: root
+ group: root
+ mode: 0700
+
+- name: build pihole docker-compose.yml.j2
+ template:
+ src: ../templates/docker-compose.yml.j2
+ dest: /etc/docker/compose/pihole/docker-compose.yml
+ owner: root
+ group: root
+ mode: u=rw,g=r,o=r
+
+- name: daemon-reload and enable pihole
+ ansible.builtin.systemd_service:
+ state: restarted
+ enabled: true
+ name: docker-compose@pihole
+
+- name: allow dns queries in vpn/tcp
+ ufw:
+ rule: allow
+ from: '100.64.0.0/10'
+ port: '53'
+ proto: 'tcp'
+
+- name: allow dns queries in vpn/udp
+ ufw:
+ rule: allow
+ from: '100.64.0.0/10'
+ port: '53'
+ proto: 'udp'
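Review bot: The two ufw tasks at the end of the file match on source address only, so port 53 is opened to all of 100.64.0.0/10 on every interface rather than on the VPN link alone; that range is shared address space, so adding `interface: <vpn-interface>` and `direction: in` to both tasks would tie the rules to the tunnel. If the compose template (not visible in this commit view) publishes port 53 on all addresses, Docker's own NAT rules usually take effect ahead of ufw's input rules, so the published port should also be bound to the VPN address, otherwise these rules may not be what limits access to the resolver. Separately, the task named "daemon-reload and enable pihole" sets no `daemon_reload: true` and uses `state: restarted`, which restarts the resolver on every play run; `state: started` plus a handler notified by the template task would keep the role idempotent. Quoting the directory mode as `mode: '0700'` would also avoid relying on YAML octal parsing.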