Revision 1 - get Pi-hole working correctly too.

Author: geerlingguy

Diff for: .gitignore

@@ -0,0 +1,2 @@
+inventory.ini
+config.yml

Diff for: README.md

@@ -7,11 +7,16 @@ TODO: Description here.
 ## Features
 
   - **Internet Monitoring**: TODO.
-  - **Pi Hole**: TODO.
+  - **Pi-hole**: TODO.
 
 ## Setup
 
-TODO.
+  1. Install Ansible (either full version or ansible-base).
+  2. Install requirements: `ansible-galaxy collection install -r requirements.yml`
+  3. Make copies of the following files and customize them to your liking:
+    - `example.inventory.ini` to `inventory.ini` (replace IP address with your Pi's IP).
+    - `example.config.yml` to `config.yml`
+  4. Run the playbook: `ansible-playbook main.yml`
 
 ## License
 

Diff for: ansible.cfg

@@ -1,4 +1,4 @@
 [defaults]
 nocows = True
-inventory = ./inventory
+inventory = ./inventory.ini
 interpreter_python = auto_silent

Diff for: example.config.yml

@@ -0,0 +1,3 @@
+---
+pihole_hostname: pihole
+pihole_password: change-this-password

Diff for: inventory renamed to example.inventory.ini

@@ -2,6 +2,16 @@
 - hosts: internet_pi
   become: true
 
+  pre_tasks:
+    - name: Load configuration.
+      ansible.builtin.include_vars: config.yml
+
+    - name: Ensure apt cache is up to date.
+      ansible.builtin.apt:
+        update_cache: true
+        cache_valid_time: 3600
+
   tasks:
-    - include_tasks: tasks/docker.yml
-    - include_tasks: tasks/internet-monitoring.yml
+    - ansible.builtin.include_tasks: tasks/docker.yml
+    - ansible.builtin.include_tasks: tasks/internet-monitoring.yml
+    - ansible.builtin.include_tasks: tasks/pi-hole.yml

Diff for: main.yml

@@ -0,0 +1,3 @@
+---
+collections:
+  - community.docker

Diff for: requirements.yml

@@ -1,31 +1,31 @@
 ---
 - name: Check if Docker is already present.
-  command: which docker
+  ansible.builtin.command: which docker
   failed_when: false
   changed_when: false
   register: docker_command_result
 
 - name: Download Docker install convenience script.
-  get_url:
+  ansible.builtin.get_url:
     url: https://get.docker.com/
     dest: /tmp/get-docker.sh
     mode: 0775
   when: docker_command_result.rc == 1
 
 - name: Run Docker install convenience script.
-  command: /tmp/get-docker.sh
+  ansible.builtin.command: /tmp/get-docker.sh
   environment:
     CHANNEL: stable
   when: docker_command_result.rc == 1
 
 - name: Ensure Docker is started.
-  service:
+  ansible.builtin.service:
     name: docker
     state: started
     enabled: true
 
 - name: Ensure dependencies are installed.
-  apt:
+  ansible.builtin.apt:
     name:
       - libffi-dev
       - libssl-dev
@@ -35,13 +35,13 @@
     state: present
 
 - name: Install Docker Compose using Pip.
-  pip:
+  ansible.builtin.pip:
     name: docker-compose
     state: present
     executable: pip3
 
 - name: Ensure pi user is added to the docker group.
-  user:
+  ansible.builtin.user:
     name: pi
     groups: docker
     append: true

Diff for: tasks/docker.yml

@@ -1,15 +1,16 @@
 ---
 - name: Clone internet-monitoring repo to Pi.
-  git:
+  ansible.builtin.git:
     repo: https://github.com/geerlingguy/internet-monitoring
     dest: ~/internet-monitoring/
     version: master
     accept_hostkey: true
   become: false
 
+# TODO: The first time this playbook is run, the `pi` user may not be added
+# to the `docker` group, so this task may fail.
 - name: Ensure internet-monitoring environment is running.
-  meta: noop
-
-# git clone https://github.com/geerlingguy/internet-monitoring
-# cd internet-monitoring
-# docker-compose up -d
+  community.docker.docker_compose:
+    project_src: ~/internet-monitoring/
+    build: false
+  become: false

Diff for: tasks/internet-monitoring.yml

@@ -0,0 +1,22 @@
+---
+- name: Create Pi-hole folder on Pi.
+  ansible.builtin.file:
+    path: ~/pi-hole
+    state: directory
+    mode: 0755
+  become: false
+
+- name: Copy Pi-hole docker-compose template to Pi.
+  ansible.builtin.template:
+    src: templates/pi-hole-docker-compose.yml.j2
+    dest: ~/pi-hole/docker-compose.yml
+    mode: '0640'
+  become: false
+
+# TODO: The first time this playbook is run, the `pi` user may not be added
+# to the `docker` group, so this task may fail.
+- name: Ensure Pi-hole is running.
+  community.docker.docker_compose:
+    project_src: ~/pi-hole/
+    build: false
+  become: false

Diff for: tasks/pi-hole.yml

@@ -0,0 +1,26 @@
+# {{ ansible_managed }}
+---
+version: "3"
+
+# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
+services:
+  pihole:
+    container_name: pihole
+    image: pihole/pihole:latest
+    hostname: '{{ pihole_hostname }}'
+    ports:
+      - "53:53/tcp"
+      - "53:53/udp"
+      - "67:67/udp"
+      - "80:80/tcp"
+      - "443:443/tcp"
+    environment:
+      TZ: 'America/Chicago'
+      WEBPASSWORD: '{{ pihole_password }}'
+      ServerIP: '{{ ansible_facts['default_ipv4']['address'] }}'
+    volumes:
+      - './etc-pihole/:/etc/pihole/'
+      - './etc-dnsmasq.d/:/etc/dnsmasq.d/'
+    cap_add:
+      - NET_ADMIN
+    restart: unless-stopped