homeserver/group_vars/pihole.yml

67 lines
2.3 KiB
YAML
Raw Normal View History

---
### oefenweb.ufw
ufw_rules:
- rule: allow
to_port: 22
protocol: tcp
comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow
to_port: 80
comment: 'pihole-webgui'
from_ip: 0.0.0.0/0
protocol: tcp
- rule: allow
to_port: 4949
protocol: tcp
comment: 'munin'
from_ip: 192.168.2.144/24
- rule: allow
to_port: 53
comment: 'pihole-dns'
from_ip: 0.0.0.0/0
## playbook
pihole_homer_fqdn: docker.grote.lan # unter welchem host ist docker erreichbar? notwendig für die pihole stats in homer; fur die cors abfrage
### mgrote.restic
restic_repository: "//192.168.2.36/restic"
### mgrote.ntp_chrony_server
ntp_chrony_servers: # weil pihole den fqdn nicht auflösen kann
- address: pool.ntp.org
options: iburst #optionaler parameter
### mgrote.apt_manage_sources
manage_sources_apt_proxy: ""
### geerlingguy.munin-node
munin_node_plugins:
- name: chrony
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/chrony
- name: systemd_status
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/systemd_status
- name: lvm_
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/lvm_
config: |
[lvm_*]
user root
- name: pihole_cache
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/pihole/pihole_cache
config: |
[pihole_*]
user root
env.host 127.0.0.1
env.port 80
env.api /admin/api.php
- name: pihole_clients
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/pihole/pihole_clients
- name: pihole_queries
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/pihole/pihole_queries
- name: pihole_blocked_domains
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/pihole/pihole_blocked_domains
- name: pihole_ads_percentage
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/pihole/pihole_ads_percentage
- name: fail2ban
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
config: |
[fail2ban]
env.client /usr/bin/fail2ban-client
env.config_dir /etc/fail2ban
user root