---
- name: create required pihole volumes
  become: true
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: "{{ podman_user }}"
    group: "{{ podman_user }}"
    mode: 0755
  notify: restorecon podman
  loop:
    - "{{ pihole_path }}/config"
    - "{{ pihole_path }}/dnsmasq"
  tags: pihole

- name: flush handlers
  ansible.builtin.meta: flush_handlers
  tags: pihole

- name: create pihole container
  become: true
  become_user: "{{ podman_user }}"
  containers.podman.podman_container:
    name: pihole
    image: docker.io/pihole/pihole:2022.04.3
    recreate: false
    restart: true
    restart_policy: on-failure
    log_driver: journald
    cap_add:
      - CAP_NET_BIND_SERVICE
      - NET_ADMIN
    network:
      - host
    env:
      DNSMASQ_USER: "root"
      PIHOLE_UID: 0
      TZ: "America/New_York"
      WEBPASSWORD: "{{ pihole_password }}"
      WEB_PORT: 8082
    volumes:
      - "{{ pihole_path }}/config:/etc/pihole"
      - "{{ pihole_path }}/dnsmasq:/etc/dnsmasq.d"
    ports:
      - 53:53/udp
      - 53:53/tcp
      - 8082:80
  tags: pihole

- name: create systemd startup job for pihole
  include_tasks: systemd-generate.yml
  vars:
    container_name: pihole
  tags: pihole