From e8be763403fb3d623b68ea6cb1781e61a72d28d4 Mon Sep 17 00:00:00 2001 From: Luke Hoersten Date: Sun, 21 Jan 2024 15:58:58 -0600 Subject: Added optional admin-local DNS bypass. --- adguard-home/defaults/main.yaml | 1 + adguard-home/tasks/disable-dns-bypass.yaml | 24 ++++++++++++++++++++++++ adguard-home/tasks/enable-dns-bypass.yaml | 17 +++++++++++++++++ adguard-home/tasks/main.yaml | 25 ++++--------------------- 4 files changed, 46 insertions(+), 21 deletions(-) create mode 100644 adguard-home/tasks/disable-dns-bypass.yaml create mode 100644 adguard-home/tasks/enable-dns-bypass.yaml (limited to 'adguard-home') diff --git a/adguard-home/defaults/main.yaml b/adguard-home/defaults/main.yaml index 93720fe..bfc7be2 100644 --- a/adguard-home/defaults/main.yaml +++ b/adguard-home/defaults/main.yaml @@ -1,5 +1,6 @@ --- +adguard_dns_bypass: true adguard_home_port: "80" adguard_home_arch: "arm" adguard_home_tar: "https://static.adguard.com/adguardhome/release/AdGuardHome_linux_{{adguard_home_arch}}.tar.gz" diff --git a/adguard-home/tasks/disable-dns-bypass.yaml b/adguard-home/tasks/disable-dns-bypass.yaml new file mode 100644 index 0000000..10add0a --- /dev/null +++ b/adguard-home/tasks/disable-dns-bypass.yaml @@ -0,0 +1,24 @@ +--- + +- name: check if resolv.conf exists + stat: path="/etc/resolv.conf" + register: sym + +- name: replace systemd-resolved conf stub + become: yes + copy: + remote_src: yes + src: "/run/systemd/resolve/resolv.conf" + dest: "/etc/resolv.conf" + when: sym.stat.islnk is defined and sym.stat.islnk + +- name: ensure nameserver is self + become: yes + lineinfile: + path: "/etc/resolv.conf" + regexp: "^nameserver" + line: "nameserver {{ansible_default_ipv4.address}}" + +- name: disable systemd-resolved service + become: yes + systemd: name="systemd-resolved.service" enabled="no" state="stopped" diff --git a/adguard-home/tasks/enable-dns-bypass.yaml b/adguard-home/tasks/enable-dns-bypass.yaml new file mode 100644 index 0000000..efb2122 --- /dev/null +++ b/adguard-home/tasks/enable-dns-bypass.yaml @@ -0,0 +1,17 @@ +--- + +- name: check if resolv.conf exists + stat: path="/etc/resolv.conf" + register: sym + +- name: replace systemd-resolved conf link + become: yes + file: + src: "../run/systemd/resolve/stub-resolv.conf" + dest: "/etc/resolv.conf" + state: "link" + when: sym.stat.islnk is defined and not sym.stat.islnk + +- name: enable systemd-resolved service + become: yes + systemd: name="systemd-resolved.service" enabled="yes" state="started" diff --git a/adguard-home/tasks/main.yaml b/adguard-home/tasks/main.yaml index f9220bf..fc604da 100644 --- a/adguard-home/tasks/main.yaml +++ b/adguard-home/tasks/main.yaml @@ -44,28 +44,11 @@ template: src="AdGuardHome.yaml.j2" dest="/etc/AdGuardHome/AdGuardHome.yaml" notify: restart adguard home -- name: check if resolv.conf exists - stat: path="/etc/resolv.conf" - register: sym +- include: enable-dns-bypass.yaml + when: adguard_dns_bypass -- name: replace systemd-resolved conf stub - become: yes - copy: - remote_src: yes - src: "/run/systemd/resolve/resolv.conf" - dest: "/etc/resolv.conf" - when: sym.stat.islnk is defined and sym.stat.islnk - -- name: ensure nameserver is self - become: yes - lineinfile: - path: "/etc/resolv.conf" - regexp: "^nameserver" - line: "nameserver {{ansible_default_ipv4.address}}" - -- name: disable systemd-resolved service - become: yes - systemd: name="systemd-resolved.service" enabled="no" state="stopped" +- include: disable-dns-bypass.yaml + when: not adguard_dns_bypass - name: ensure adguard home is started become: yes -- cgit v1.2.3