---
- name: install pi hole
  hosts: all
  become: true

  vars:
    web_pass: "{{ pass }}"
    
  tasks:

    - name: Make sure systemd-resolved is disabled
      ansible.builtin.systemd_service:
        state: stopped
        enabled: false
        masked: true
        name: systemd-resolved
      ignore_errors: true

    - name: install docker 
      ansible.builtin.include_tasks: yaml_sub/install_docker.yaml

    - name: Create volume pi_hole_etc
      community.docker.docker_volume:
        name: pi_hole_etc
        state: present

    - name: Create volume pi_hole_dnsmasq
      community.docker.docker_volume:
        name: pi_hole_dnsmasq
        state: present

    - name: Create pi-hole container
      community.docker.docker_container:
        name: pihole
        image: pihole/pihole
        state: started
        recreate: no
        restart_policy: always
        published_ports:
          - "53:53/tcp"
          - "53:53/udp"
          - "67:67/udp"
          - "80:80/tcp"
        volumes:
          - 'pi_hole_etc:/etc/pihole'
          - 'pi_hole_dnsmasq:/etc/dnsmasq.d'
        env:
          TZ: Europe/Berlin
          PIHOLE_DNS_: "134.102.20.20;8.8.8.8;8.8.4.4"
          DHCP_ACTIVE: "true"
          DHCP_START: "10.10.220.1"
          DHCP_END: "10.10.224.254"
          DHCP_ROUTER: "10.0.0.250"
          DHCP_LEASETIME: "24"
          PIHOLE_DOMAIN: "neuro.uni-bremen.de"
          DHCP_IPv6: "false"
          IPv6: "false"
          FTLCONF_LOCAL_IPV4: "10.10.0.5"
          WEBPASSWORD: "{{ web_pass }}"
        capabilities:
          - NET_ADMIN

    - name: Disable query logging
      debug:
        msg: "Settings -> System -> Disable query logging"

    - name: Permit all logins
      debug:
        msg: "Settings -> DNS -> Interface settings -> Permit all origins + save"

    - name: Deactivate blocking
      debug:
        msg: "Deactive blocking"