updates for pihole, http site, venv requirements
This commit is contained in:
Bastian de Byl
@@ -6,6 +6,7 @@ deps: [
|
||||
]
|
||||
|
||||
ci_server_name: ci.bdebyl.net
|
||||
pi_server_name: pi.bdebyl.net
|
||||
home_server_name: home.bdebyl.net
|
||||
parts_server_name: parts.bdebyl.net
|
||||
install_path: /usr/share
|
||||
|
||||
@@ -36,11 +36,19 @@
|
||||
mode: 0644
|
||||
loop:
|
||||
- "{{ ci_server_name }}.http.conf"
|
||||
- "{{ pi_server_name }}.conf"
|
||||
- "{{ home_server_name }}.conf"
|
||||
- "{{ parts_server_name }}.conf"
|
||||
notify: restart_nginx
|
||||
tags: http
|
||||
|
||||
- name: remove pihole from sites-enabled if there
|
||||
become: true
|
||||
file:
|
||||
path: "/etc/nginx/sites-enabled/pi.hole.conf"
|
||||
state: absent
|
||||
tags: http
|
||||
|
||||
- name: enable desired nginx http sites
|
||||
become: true
|
||||
file:
|
||||
@@ -49,6 +57,7 @@
|
||||
state: link
|
||||
loop:
|
||||
- "{{ ci_server_name }}.http.conf"
|
||||
- "{{ pi_server_name }}.conf"
|
||||
- "{{ parts_server_name }}.conf"
|
||||
notify: restart_nginx
|
||||
tags: http
|
||||
|
||||
@@ -7,7 +7,7 @@ server {
|
||||
listen 80 default_server;
|
||||
server_name {{ home_server_name }};
|
||||
if ($whitelisted = 1) {
|
||||
return 302 http://pi.hole;
|
||||
return 302 http://pi.bdebyl.net;
|
||||
}
|
||||
|
||||
if ($whitelisted = 0) {
|
||||
|
||||
@@ -0,0 +1,55 @@
|
||||
#
|
||||
# /etc/nginx/conf.d/pihole.conf
|
||||
#
|
||||
# https://github.com/pi-hole/pi-hole/wiki/Nginx-Configuration
|
||||
#
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
root /srv/http/pihole;
|
||||
server_name pi.bdebyl.net;
|
||||
autoindex off;
|
||||
|
||||
proxy_intercept_errors on;
|
||||
error_page 404 /pihole/index.php;
|
||||
|
||||
index pihole/index.php index.php index.html index.htm;
|
||||
|
||||
allow 192.168.1.0/24;
|
||||
deny all;
|
||||
|
||||
location / {
|
||||
expires max;
|
||||
try_files $uri $uri/ =404;
|
||||
add_header X-Pi-hole "A black hole for Internet advertisements";
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
include fastcgi.conf;
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
|
||||
fastcgi_param VIRTUAL_HOST open_basedir="/srv/http/pihole:run/pihole-ftl/pihole-FTL.port:run/log/pihole/pihole.log:run/log/pihole-ftl/pihole-FTL.log:etc/pihole:etc/hosts:etc/hostname:etc/dnsmasq.d/02-pihole-dhcp.conf:etc/dnsmasq.d/03-pihole-wildcard.conf:etc/dnsmasq.d/04-pihole-static-dhcp.conf:var/log/lighttpd/error.log:proc/meminfo:proc/cpuinfo:sys/class/thermal/thermal_zone0/temp:tmp";
|
||||
}
|
||||
|
||||
location /admin {
|
||||
root /srv/http/pihole;
|
||||
index index.php index.html index.htm;
|
||||
add_header X-Pi-hole "The Pi-hole Web interface is working!";
|
||||
add_header X-Frame-Options "DENY";
|
||||
}
|
||||
|
||||
location ~ /\.ttf {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
}
|
||||
|
||||
location ~ /admin/\. {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user