mirror of
https://github.com/jimeh/ansible-adguardhome.git
synced 2026-02-19 07:06:38 +00:00
91 lines
2.4 KiB
YAML
91 lines
2.4 KiB
YAML
---
|
|
- name: Setup Debian
|
|
include_tasks: setup_debian.yml
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Setup RedHat
|
|
include_tasks: setup_redhat.yml
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Install python dependencies
|
|
pip:
|
|
name: github3.py
|
|
state: present
|
|
|
|
- name: Check if binary is installed
|
|
stat:
|
|
path: "{{ adguardhome_bin_file }}"
|
|
register: adguardhome_binary_check
|
|
|
|
- name: Check latest released version
|
|
include_tasks: latest_version.yml
|
|
when: adguardhome_version == 'latest'
|
|
|
|
- name: Check version of installed binary
|
|
shell: >-
|
|
set -o pipefail
|
|
&& "{{ adguardhome_bin_file }}" -c /dev/null --check-config 2>&1
|
|
| grep -m 1 -E 'v[0-9.]+' -o
|
|
args:
|
|
executable: /bin/bash
|
|
register: adguardhome_version_check
|
|
check_mode: no
|
|
changed_when: >-
|
|
adguardhome_version_check.stdout.find('v' + adguardhome_version) == -1
|
|
failed_when: >-
|
|
adguardhome_version_check.rc != 0 and adguardhome_version_check.rc != 141
|
|
when: >-
|
|
adguardhome_binary_check.stat.exists
|
|
|
|
- name: "Install binary (v{{ adguardhome_version }} / {{ adguardhome_arch }})"
|
|
include_tasks: install.yml
|
|
when: >-
|
|
adguardhome_version_check.changed
|
|
or (not adguardhome_binary_check.stat.exists)
|
|
|
|
- name: Ensure user exists
|
|
user:
|
|
name: "{{ adguardhome_user }}"
|
|
create_home: no
|
|
system: "{{ adguardhome_system_user }}"
|
|
state: present
|
|
|
|
- name: Ensure data directory exists and has correct permissions
|
|
file:
|
|
path: "{{ adguardhome_data_dir }}"
|
|
owner: "{{ adguardhome_user }}"
|
|
group: "{{ adguardhome_group }}"
|
|
mode: "755"
|
|
recurse: yes
|
|
state: directory
|
|
|
|
- name: Ensure config directory exists and has correct permissions
|
|
file:
|
|
path: "{{ adguardhome_config_dir }}"
|
|
owner: "{{ adguardhome_user }}"
|
|
group: "{{ adguardhome_group }}"
|
|
mode: "755"
|
|
recurse: yes
|
|
state: directory
|
|
|
|
- name: Allow binary to bind to ports lower than 1024 as a non-root user
|
|
capabilities:
|
|
path: "{{ adguardhome_bin_file }}"
|
|
capability: CAP_NET_BIND_SERVICE=+eip
|
|
state: present
|
|
when: >-
|
|
adguardhome_user != "root"
|
|
|
|
- name: Disallow binary to bind to ports lower than 1024 as a non-root user
|
|
capabilities:
|
|
path: "{{ adguardhome_bin_file }}"
|
|
capability: CAP_NET_BIND_SERVICE=+eip
|
|
state: absent
|
|
when: >-
|
|
adguardhome_user == "root"
|
|
|
|
- name: Install systemd servicee
|
|
include_tasks: systemd_service.yml
|
|
when: >-
|
|
ansible_service_mgr == "systemd" and adguardhome_service_enable
|