@installdoc/ansible-gas-station
Version:
An Ansible playbook that provisions your network with software from GitHub Awesome lists, developed with disaster recovery in mind ⛽🔥🤤
131 lines (120 loc) • 4.03 kB
YAML
- name: "Ensure {{ hostsfile_dest_dir }} exists"
file:
mode: 0755
path: "{{ hostsfile_dest_dir }}"
state: directory
- name: Ensure hosts files are downloaded
get_url:
url: "{{ hostsfile.url }}"
dest: "{{ hostsfile_dest_dir }}/{{ hostsfile.filename }}"
mode: 0644
loop:
- url: https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
filename: base
- url: https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews/hosts
filename: fakenews
- url: https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/gambling/hosts
filename: gambling
- url: https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/porn/hosts
filename: porn
- url: https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/social/hosts
filename: social
- url: https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn-social/hosts
filename: all
loop_control:
loop_var: hostsfile
register: download_result
- name: Ensure a copy of hosts files are created
copy:
src: "{{ hostsfile_dest_dir }}/{{ filename }}"
dest: "{{ hostsfile_dest_dir }}/{{ filename }}-clean"
mode: preserve
remote_src: true
loop:
- base
- fakenews
- gambling
- porn
- social
- all
loop_control:
loop_var: filename
when: "download_result.results | map(attribute='changed') | join(',') | regex_search('True')"
- name: Ensure the hosts file are sanitized
lineinfile:
path: "{{ hostsfile_dest_dir }}/{{ filename }}-clean"
regex: '(^ *#.*$)|^$'
state: absent
mode: 0644
loop:
- base
- fakenews
- gambling
- porn
- social
- all
loop_control:
loop_var: filename
when: "download_result.results | map(attribute='changed') | join(',') | regex_search('True')"
- name: Backup the default hosts file # noqa 301
command: hostctl backup --path "{{ hostsfile_dest_dir }}/"
# @action `hostctl` versions after v1.0.15 check for unique domains in a profile which makes
# it extremely slow to process large hosts files. Revisit after a future version provides a
# switch like that in version v1.0.3
# - name: Create hostctl profiles using the various hosts files
# command: "hostctl add {{ filename }} --from {{ hostsfile_dest_dir }}/{{ filename }}-clean -q"
# loop:
# - base
# - fakenews
# - gambling
# - porn
# - social
# - all
# loop_control:
# loop_var: filename
- name: Read the content of the hosts files # noqa 301
command: cat "{{ hostsfile_dest_dir }}/{{ filename }}-clean"
loop:
- base
- fakenews
- gambling
- porn
- social
- all
loop_control:
loop_var: filename
register: clean_files
when: "download_result.results | map(attribute='changed') | join(',') | regex_search('True')"
- name: Setup SwitchHosts
include_tasks: user-Linux.yml
loop: "{{ user_configs }}"
loop_control:
label: "{{ user.username }}"
loop_var: user
when:
- "download_result.results | map(attribute='changed') | join(',') | regex_search('True')"
- (user.system is not defined) or ((user.system is defined) and (not user.system))
- name: Set systemd-resolved DNS
lineinfile:
path: "{{ systemd_resolved_conf_path }}"
regex: "(^#DNS=|^DNS=)"
line: "DNS={{ dns_provider }}"
when: ansible_system == 'Linux'
notify: restart systemd-resolved
- name: Set systemd-resolved FallbackDNS
lineinfile:
path: "{{ systemd_resolved_conf_path }}"
regex: "(^#FallbackDNS=|^FallbackDNS=)"
line: "FallbackDNS={{ dns_fallback_provider }}"
when:
- ansible_system == 'Linux'
- dns_fallback_provider is defined
notify: restart systemd-resolved
- name: Set systemd-resolved DNSOverTLS
lineinfile:
path: "{{ systemd_resolved_conf_path }}"
regex: "(^#DNSOverTLS=|^DNSOverTLS=)"
line: "DNSOverTLS={{ dns_over_tls }}"
notify: restart systemd-resolved
when: ansible_system == 'Linux'