UNPKG

@installdoc/ansible-gas-station

Version:

An Ansible playbook that provisions your network with software from GitHub Awesome lists, developed with disaster recovery in mind ⛽🔥🤤

131 lines (120 loc) 4.03 kB
--- - name: "Ensure {{ hostsfile_dest_dir }} exists" file: mode: 0755 path: "{{ hostsfile_dest_dir }}" state: directory - name: Ensure hosts files are downloaded get_url: url: "{{ hostsfile.url }}" dest: "{{ hostsfile_dest_dir }}/{{ hostsfile.filename }}" mode: 0644 loop: - url: https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts filename: base - url: https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews/hosts filename: fakenews - url: https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/gambling/hosts filename: gambling - url: https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/porn/hosts filename: porn - url: https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/social/hosts filename: social - url: https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn-social/hosts filename: all loop_control: loop_var: hostsfile register: download_result - name: Ensure a copy of hosts files are created copy: src: "{{ hostsfile_dest_dir }}/{{ filename }}" dest: "{{ hostsfile_dest_dir }}/{{ filename }}-clean" mode: preserve remote_src: true loop: - base - fakenews - gambling - porn - social - all loop_control: loop_var: filename when: "download_result.results | map(attribute='changed') | join(',') | regex_search('True')" - name: Ensure the hosts file are sanitized lineinfile: path: "{{ hostsfile_dest_dir }}/{{ filename }}-clean" regex: '(^ *#.*$)|^$' state: absent mode: 0644 loop: - base - fakenews - gambling - porn - social - all loop_control: loop_var: filename when: "download_result.results | map(attribute='changed') | join(',') | regex_search('True')" - name: Backup the default hosts file # noqa 301 command: hostctl backup --path "{{ hostsfile_dest_dir }}/" # @action `hostctl` versions after v1.0.15 check for unique domains in a profile which makes # it extremely slow to process large hosts files. Revisit after a future version provides a # switch like that in version v1.0.3 # - name: Create hostctl profiles using the various hosts files # command: "hostctl add {{ filename }} --from {{ hostsfile_dest_dir }}/{{ filename }}-clean -q" # loop: # - base # - fakenews # - gambling # - porn # - social # - all # loop_control: # loop_var: filename - name: Read the content of the hosts files # noqa 301 command: cat "{{ hostsfile_dest_dir }}/{{ filename }}-clean" loop: - base - fakenews - gambling - porn - social - all loop_control: loop_var: filename register: clean_files when: "download_result.results | map(attribute='changed') | join(',') | regex_search('True')" - name: Setup SwitchHosts include_tasks: user-Linux.yml loop: "{{ user_configs }}" loop_control: label: "{{ user.username }}" loop_var: user when: - "download_result.results | map(attribute='changed') | join(',') | regex_search('True')" - (user.system is not defined) or ((user.system is defined) and (not user.system)) - name: Set systemd-resolved DNS lineinfile: path: "{{ systemd_resolved_conf_path }}" regex: "(^#DNS=|^DNS=)" line: "DNS={{ dns_provider }}" when: ansible_system == 'Linux' notify: restart systemd-resolved - name: Set systemd-resolved FallbackDNS lineinfile: path: "{{ systemd_resolved_conf_path }}" regex: "(^#FallbackDNS=|^FallbackDNS=)" line: "FallbackDNS={{ dns_fallback_provider }}" when: - ansible_system == 'Linux' - dns_fallback_provider is defined notify: restart systemd-resolved - name: Set systemd-resolved DNSOverTLS lineinfile: path: "{{ systemd_resolved_conf_path }}" regex: "(^#DNSOverTLS=|^DNSOverTLS=)" line: "DNSOverTLS={{ dns_over_tls }}" notify: restart systemd-resolved when: ansible_system == 'Linux'