Mercurial Mercurial > ansible-roles / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added AdGuard Home role.
authorLuke Hoersten <luke@hoersten.org>
Sun, 28 Jun 2020 08:59:54 -0500
changeset 50 15edca738a31
parent 49 05924a38d51f
child 51 19fa7aa47bf1
Added AdGuard Home role.
adguard-home/defaults/main.yaml file | annotate | diff | comparison | revisions
adguard-home/handlers/main.yaml file | annotate | diff | comparison | revisions
adguard-home/tasks/main.yaml file | annotate | diff | comparison | revisions
adguard-home/templates/AdGuardHome.service.j2 file | annotate | diff | comparison | revisions
adguard-home/templates/AdGuardHome.yaml.j2 file | annotate | diff | comparison | revisions 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/adguard-home/defaults/main.yaml	Sun Jun 28 08:59:54 2020 -0500
@@ -0,0 +1,5 @@
+---
+
+adguard_home_arch: "arm"
+adguard_home_tar: "https://static.adguard.com/adguardhome/release/AdGuardHome_linux_{{adguard_home_arch}}.tar.gz"
+adguard_home_data_dir: "/var/lib/AdGuardHome"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/adguard-home/handlers/main.yaml	Sun Jun 28 08:59:54 2020 -0500
@@ -0,0 +1,5 @@
+---
+
+- name: restart adguard home
+  become: yes
+  systemd: name="AdGuardHome.service" enabled="yes" daemon_reload="yes"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/adguard-home/tasks/main.yaml	Sun Jun 28 08:59:54 2020 -0500
@@ -0,0 +1,49 @@
+---
+
+- name: unarchive adguard home
+  become: yes
+  unarchive:
+    remote_src: yes
+    src: "{{adguard_home_tar}}"
+    dest: "/tmp/"
+    creates: "/tmp/AdGuardHome/"
+    owner: "root"
+    group: "root"
+
+- name: install adguard home binary
+  become: yes
+  copy:
+    src: "/tmp/AdGuardHome/AdGuardHome"
+    dest: "/usr/local/bin/"
+    remote_src: yes
+    owner: "root"
+    group: "root"
+    mode: "0755"
+  notify: restart adguard home
+
+- name: create dirs
+  become: yes
+  file:
+    path: "{{item}}"
+    state: "directory"
+    owner: "root"
+    group: "root"
+    mode: "0755"
+  loop:
+    - "/etc/AdGuardHome"
+    - "{{adguard_home_data_dir}}"
+  notify: restart adguard home
+
+- name: configure adguard home service
+  become: yes
+  template: src="AdGuardHome.service.j2" dest="/etc/systemd/system/AdGuardHome.service"
+  notify: restart adguard home
+
+- name: configure adguard home
+  become: yes
+  template: src="AdGuardHome.yaml.j2" dest="/etc/AdGuardHome/AdGuardHome.yaml"
+  notify: restart adguard home
+
+- name: ensure adguard home is started
+  become: yes
+  systemd: name="AdGuardHome.service" enabled="yes" state="started"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/adguard-home/templates/AdGuardHome.service.j2	Sun Jun 28 08:59:54 2020 -0500
@@ -0,0 +1,19 @@
+[Unit]
+Description=AdGuard Home: Network-level blocker
+After=syslog.target network-online.target
+
+[Service]
+StartLimitInterval=5
+StartLimitBurst=10
+ExecStart=/usr/local/bin/AdGuardHome -c /etc/AdGuardHome/AdGuardHome.yaml -w {{adguard_home_data_dir}}
+
+WorkingDirectory={{adguard_home_data_dir}}
+
+StandardOutput=file:/var/log/AdGuardHome.out
+StandardError=file:/var/log/AdGuardHome.err
+Restart=always
+RestartSec=10
+EnvironmentFile=-/etc/sysconfig/AdGuardHome
+
+[Install]
+WantedBy=multi-user.target
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/adguard-home/templates/AdGuardHome.yaml.j2	Sun Jun 28 08:59:54 2020 -0500
@@ -0,0 +1,98 @@
+bind_host: 0.0.0.0
+bind_port: 80
+users:
+- name: admin
+  password: $2a$10$Zs3krtMBhUxje0yHHIA/neADb56jsC/QlJHcjSxNVNtF72bBONJMW
+http_proxy: ""
+language: ""
+rlimit_nofile: 0
+debug_pprof: false
+web_session_ttl: 720
+dns:
+  bind_host: 0.0.0.0
+  port: 53
+  statistics_interval: 1
+  querylog_enabled: true
+  querylog_interval: 90
+  querylog_size_memory: 1000
+  anonymize_client_ip: false
+  protection_enabled: true
+  blocking_mode: default
+  blocking_ipv4: ""
+  blocking_ipv6: ""
+  blocked_response_ttl: 10
+  parental_block_host: family-block.dns.adguard.com
+  safebrowsing_block_host: standard-block.dns.adguard.com
+  ratelimit: 20
+  ratelimit_whitelist: []
+  refuse_any: true
+  upstream_dns:
+  - https://dns10.quad9.net/dns-query
+  bootstrap_dns:
+  - 9.9.9.10
+  - 149.112.112.10
+  - 2620:fe::10
+  - 2620:fe::fe:10
+  all_servers: false
+  fastest_addr: false
+  allowed_clients: []
+  disallowed_clients: []
+  blocked_hosts: []
+  cache_size: 4194304
+  cache_ttl_min: 0
+  cache_ttl_max: 0
+  bogus_nxdomain: []
+  aaaa_disabled: false
+  enable_dnssec: false
+  edns_client_subnet: false
+  filtering_enabled: true
+  filters_update_interval: 24
+  parental_enabled: false
+  safesearch_enabled: false
+  safebrowsing_enabled: false
+  safebrowsing_cache_size: 1048576
+  safesearch_cache_size: 1048576
+  parental_cache_size: 1048576
+  cache_time: 30
+  rewrites: []
+  blocked_services: []
+tls:
+  enabled: false
+  server_name: ""
+  force_https: false
+  port_https: 443
+  port_dns_over_tls: 853
+  allow_unencrypted_doh: false
+  strict_sni_check: false
+  certificate_chain: ""
+  private_key: ""
+  certificate_path: ""
+  private_key_path: ""
+filters:
+- enabled: true
+  url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: AdGuard Simplified Domain Names filter
+  id: 1
+- enabled: false
+  url: https://adaway.org/hosts.txt
+  name: AdAway
+  id: 2
+- enabled: false
+  url: https://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  id: 4
+whitelist_filters: []
+user_rules: []
+dhcp:
+  enabled: false
+  interface_name: ""
+  gateway_ip: ""
+  subnet_mask: ""
+  range_start: ""
+  range_end: ""
+  lease_duration: 86400
+  icmp_timeout_msec: 1000
+clients: []
+log_file: ""
+verbose: false
+schema_version: 6
ansible-roles