expand/pihole-dnsovertls
1
0
Fork 0
mirror of https://github.com/Expand-sys/pihole-dnsovertls synced 2025-12-18 16:22:13 +11:00
Code Issues Projects Releases Packages Wiki Activity Actions

hell yeah now i can access the admin page

Browse source
This commit is contained in:
Expand 2023-12-12 08:49:38 +11:00
parent ae6084b6c8
commit e59b52a9fa
1 changed files with 42 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
main.ansible.yml
View file

@ -16,6 +16,11 @@
- python3-pip - python3-pip
- libaugeas0 - libaugeas0
- nginx - nginx
- php7.4-fpm
- php7.4-cgi
- php7.4-xml
- php7.4-sqlite3
- php7.4-intl
state: present state: present
- name: install virtualenv via pip3 - name: install virtualenv via pip3
@ -29,17 +34,22 @@
virtualenv: /opt/certbot/ virtualenv: /opt/certbot/
state: present state: present
- name: install certbot via pip3
ansible.builtin.pip:
name: certbot-nginx
virtualenv: /opt/certbot/
state: present
- name: stop lighttpd, so that certbot can run - name: stop lighttpd, so that certbot can run
ansible.builtin.systemd_service: ansible.builtin.systemd_service:
name: lighttpd name: lighttpd
state: stopped state: stopped
- name: stop nginx if running, so that certbot can run - name: stop nginx, so that certbot can run
ansible.builtin.systemd_service: ansible.builtin.systemd_service:
name: nginx name: nginx
state: stopped state: stopped
- name: link certbot to /usr/bin - name: link certbot to /usr/bin
ansible.builtin.shell: ansible.builtin.shell:
cmd: | cmd: |
@ -62,32 +72,44 @@
- name: remove default site nginx - name: remove default site nginx
ansible.builtin.file: ansible.builtin.file:
state: absent state: absent
path: /etc/nginx/sites-enabled/default.conf path: /etc/nginx/sites-enabled/default
- name: create new config for pihol configuration - name: create new config for pihol configuration
ansible.builtin.blockinfile: ansible.builtin.blockinfile:
content: | content: |
server { server {
listen 80; listen 80;
listen 443 ssl;
listen [::]:80; listen [::]:80;
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/{{ DNSDOMAIN }}/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/{{ DNSDOMAIN }}/privkey.pem; # managed by Certbot
root /var/www/html; root /var/www/html;
server_name {{ DNSDOMAIN }}; server_name {{ DNSDOMAIN }};
autoindex off; autoindex off;
index pihole/index.php index.php index.html index.htm; index pihole/index.php index.php index.html index.htm;
location / { location / {
expires max; expires max;
try_files $uri $uri/ =404;
} }
location ~ \.php$ { location ~ \.php$ {
include snippets/fastcgi-php.conf; include fastcgi_params;
fastcgi_pass unix:/run/php/php7.0-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_param FQDN true;
} }
location /*.js { location /*.js {
index pihole/index.js; index pihole/index.js;
} }
location /admin { location /admin {
root /var/www/html; root /var/www/html;
index index.php index.html index.htm; index index.php index.html index.htm;
} }
location ~ /\.ht { location ~ /\.ht {
deny all; deny all;
} }
@ -117,8 +139,15 @@
} }
path: /etc/nginx/streams/dnsovertls.conf path: /etc/nginx/streams/dnsovertls.conf
create: true create: true
- name: Start nginx
ansible.builtin.systemd_service:
name: php7.4-fpm
state: restarted
enabled: true
- name: Start nginx - name: Start nginx
ansible.builtin.systemd_service: ansible.builtin.systemd_service:
name: nginx name: nginx
state: started state: restarted
enabled: true enabled: true