---
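# Create the directory that holds the pihole compose project.
# Owned by root with mode 0700, so only root can enter it or list its contents.
- name: ensure pihole docker/compose exist
  ansible.builtin.file:
    path: /etc/docker/compose/pihole
    state: directory
    owner: root
    group: root
    # Quoted so the module receives the octal string itself instead of
    # relying on the YAML loader's integer parsing of a leading-zero literal.
    mode: '0700'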
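# Render the compose file for pihole from the Jinja2 template into the
# root-only compose directory.
- name: build pihole docker-compose.yml.j2
  ansible.builtin.template:
    src: ../templates/docker-compose.yml.j2
    dest: /etc/docker/compose/pihole/docker-compose.yml
    owner: root
    group: root
    # Tightened from u=rw,g=r,o=r: the file lives under /etc/docker/compose/pihole,
    # so keeping it root-only removes the dependence on the parent directory's
    # mode as the sole barrier. The template body is not visible here; compose
    # files may carry environment values worth protecting.
    mode: '0600'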
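# Reload systemd unit definitions, enable the docker-compose@pihole unit at
# boot, and restart it.
- name: daemon-reload and enable pihole
  ansible.builtin.systemd_service:
    name: docker-compose@pihole
    # The task name promises a daemon-reload, but the original never asked the
    # module for one; request it explicitly so unit-file changes are picked up.
    daemon_reload: true
    enabled: true
    # NOTE(review): `restarted` restarts the service on every play run, whether
    # or not the rendered compose file changed. A handler notified by the
    # template task would limit restarts (and DNS interruptions) to real changes.
    state: restarted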
# Open TCP/53 in ufw for clients whose source address is in 100.64.0.0/10
# (the range the task name refers to as the VPN).
# NOTE(review): 100.64.0.0/10 is the RFC 6598 shared address space, which
# carrier-grade NAT uplinks also use. The rule matches on source address only;
# if this host can be reached from that range over a non-VPN interface,
# consider also setting `interface: <VPN_INTERFACE>` with `direction: in`.
- name: allow dns queries in vpn/tcp
  community.general.ufw:
    rule: allow
    proto: 'tcp'
    port: '53'
    from_ip: '100.64.0.0/10'
# Open UDP/53 in ufw for clients whose source address is in 100.64.0.0/10
# (the range the task name refers to as the VPN).
# NOTE(review): the rule matches on source address only, and 100.64.0.0/10
# (RFC 6598 shared address space) is not exclusive to VPNs. An open UDP
# resolver is attractive for reflection abuse, so confirm the range is only
# reachable over the VPN, or pin the rule with `interface: <VPN_INTERFACE>`
# and `direction: in`.
- name: allow dns queries in vpn/udp
  community.general.ufw:
    rule: allow
    proto: 'udp'
    port: '53'
    from_ip: '100.64.0.0/10'