Pihole and Dnscrypt Proxy Setup is done
This commit is contained in:
parent
16a5a26123
commit
4fe34b183a
|
@ -1 +1 @@
|
|||
0.11.12-beta1
|
||||
0.11.12
|
||||
|
|
|
@ -1,15 +1,29 @@
|
|||
// This is a completely isolated container
|
||||
// used by pihole
|
||||
module "dnscrypt" {
|
||||
name = "dnscrypt-proxy"
|
||||
source = "modules/container"
|
||||
|
||||
image = "mattbodholdt/dnscrypt-proxy"
|
||||
|
||||
ports = [{
|
||||
internal = "53"
|
||||
external = "553"
|
||||
ip = "192.168.1.111"
|
||||
protocol = "udp"
|
||||
restart = "always"
|
||||
|
||||
networks_advanced = [{
|
||||
name = "dns"
|
||||
aliases = ["dnscrypt", "dnscrypt-proxy"]
|
||||
ipv4_address = "172.30.0.2"
|
||||
}]
|
||||
|
||||
dns = ["127.0.0.1"]
|
||||
}
|
||||
|
||||
resource "docker_network" "dns" {
|
||||
name = "dns"
|
||||
internal = false
|
||||
|
||||
// 172.20.0.12 - 172.20.0.15
|
||||
ipam_config {
|
||||
subnet = "172.30.0.0/29"
|
||||
gateway = "172.30.0.1"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -29,6 +29,8 @@ resource "docker_container" "container" {
|
|||
// service is exposed to the web
|
||||
networks = ["${concat(var.networks,compact(split(",",lookup(var.web, "expose", "false") == "false" ? "" :"${data.docker_network.traefik.id}")))}"]
|
||||
|
||||
networks_advanced = ["${var.networks_advanced}"]
|
||||
|
||||
memory = "${local.resource["memory"]}"
|
||||
memory_swap = "${local.resource["memory_swap"]}"
|
||||
|
||||
|
|
|
@ -12,6 +12,12 @@ variable "ports" {
|
|||
default = []
|
||||
}
|
||||
|
||||
variable "networks_advanced" {
|
||||
description = "list of networks_advanced"
|
||||
type = "list"
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "networks" {
|
||||
description = "list of networks"
|
||||
type = "list"
|
||||
|
|
98
pihole.tf
98
pihole.tf
|
@ -1,46 +1,54 @@
|
|||
# module "pihole" {
|
||||
# name = "pihole"
|
||||
# source = "modules/container"
|
||||
# web {
|
||||
# expose = true
|
||||
# port = "80"
|
||||
# host = "dns.in.${var.root-domain}"
|
||||
# }
|
||||
# image = "pihole/pihole"
|
||||
# ports = [{
|
||||
# internal = "53"
|
||||
# external = "53"
|
||||
# ip = "192.168.1.111"
|
||||
# protocol = "udp"
|
||||
# }]
|
||||
# env = [
|
||||
# "ServerIP=192.168.1.111",
|
||||
# "WEBPASSWORD=${var.pihole_password}",
|
||||
# "DNS1=192.168.1.1:53",
|
||||
# "DNS2=no",
|
||||
# "VIRTUAL_HOST=dns.in.${var.root-domain}",
|
||||
# ]
|
||||
# ports = [{
|
||||
# internal = "53"
|
||||
# external = "53"
|
||||
# ip = "192.168.1.111"
|
||||
# protocol = "udp"
|
||||
# }]
|
||||
# volumes = [
|
||||
# {
|
||||
# host_path = "/mnt/xwing/config/pihole"
|
||||
# container_path = "/etc/pihole"
|
||||
# },
|
||||
# {
|
||||
# host_path = "/mnt/xwing/config/pihole/dnsmasq"
|
||||
# container_path = "/etc/pihole/dnsmasq.d"
|
||||
# },
|
||||
# ]
|
||||
# # networks = []
|
||||
# # network_mode = "host"
|
||||
# capabilities = [{
|
||||
# add = ["NET_ADMIN"]
|
||||
# }]
|
||||
# dns = ["127.0.0.1", "9.9.9.9", "1.1.1.1"]
|
||||
# }
|
||||
module "pihole" {
|
||||
name = "pihole"
|
||||
source = "modules/container"
|
||||
|
||||
web {
|
||||
expose = true
|
||||
port = "80"
|
||||
host = "dns.in.${var.root-domain}"
|
||||
}
|
||||
|
||||
restart = "always"
|
||||
|
||||
image = "pihole/pihole"
|
||||
|
||||
ports = [{
|
||||
internal = "53"
|
||||
external = "53"
|
||||
ip = "192.168.1.111"
|
||||
protocol = "udp"
|
||||
}]
|
||||
|
||||
env = [
|
||||
"ServerIP=192.168.1.111",
|
||||
"WEBPASSWORD=${var.pihole_password}",
|
||||
"DNS1=172.30.0.2",
|
||||
"DNS2=no",
|
||||
"VIRTUAL_HOST=dns.in.${var.root-domain}",
|
||||
]
|
||||
|
||||
volumes = [
|
||||
{
|
||||
host_path = "/mnt/xwing/config/pihole"
|
||||
container_path = "/etc/pihole"
|
||||
},
|
||||
{
|
||||
host_path = "/mnt/xwing/config/pihole-dnsmasq.d"
|
||||
container_path = "/etc/dnsmasq.d"
|
||||
},
|
||||
]
|
||||
|
||||
networks_advanced = [{
|
||||
name = "dns"
|
||||
},
|
||||
{
|
||||
name = "traefik"
|
||||
},
|
||||
]
|
||||
|
||||
capabilities = [{
|
||||
add = ["NET_ADMIN"]
|
||||
}]
|
||||
|
||||
dns = ["127.0.0.1", "9.9.9.9", "1.1.1.1"]
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue