59 lines
1.4 KiB
YAML
59 lines
1.4 KiB
YAML
---
|
|
#adguard/tasks/main.yml
|
|
- import_tasks: firewall.yml
|
|
|
|
- name: Create stack and config directories
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
owner: "{{ container_user }}"
|
|
group: "{{ container_group }}"
|
|
mode: "0755"
|
|
recurse: yes
|
|
loop: "{{ adguard_base_directories }}"
|
|
|
|
- name: Directory SELinux requirement
|
|
ansible.builtin.set_fact:
|
|
selinux_container_paths: "{{ adguard_base_directories }}"
|
|
|
|
- import_role:
|
|
name: selinux_containers
|
|
tasks_from: labels
|
|
|
|
- name: Ensure container app config directories are owned by container UID
|
|
become: true
|
|
file:
|
|
path: "{{ adguard_dir }}/conf"
|
|
state: directory
|
|
owner: "{{ container_user }}"
|
|
group: "{{ container_group }}"
|
|
recurse: true
|
|
|
|
- name: Deploy AdGuard configuration template
|
|
template:
|
|
src: AdGuardHome.yaml.j2
|
|
dest: "{{ stack_root }}/adguard/conf/AdGuardHome.yaml"
|
|
mode: '0600'
|
|
force: "{{ adguard_overwrite_config | default(false) | bool }}"
|
|
|
|
- name: Deploy AdGuard Quadlet
|
|
template:
|
|
src: adguard.container.j2
|
|
dest: "{{ container_config_dir }}/adguard.container"
|
|
|
|
- name: Force systemd reload (blocking)
|
|
become: true
|
|
become_user: "{{ container_user }}"
|
|
command: systemctl --user daemon-reload
|
|
|
|
- name: Wait for quadlet generation
|
|
pause:
|
|
seconds: 1
|
|
|
|
- name: Start and enable AdGuard service
|
|
become: true
|
|
become_user: "{{ container_user }}"
|
|
systemd:
|
|
name: adguard.service
|
|
scope: user
|
|
state: started |