Install Pi-hole with some existing problems
There is an error telling that dnsmasq doesn't start, this might have to do with the user having to be root. The DNS service also isn't exposed yet as it needs some ufw forwarding (there's a TODO in the code mentioning this).
This commit is contained in:
Thomas Kleinendorst
parent
22376928e2
commit
21237b64c0
5 changed files with 116 additions and 3 deletions
25
roles/pi-hole/templates/pi-hole.conf.j2
Normal file
25
roles/pi-hole/templates/pi-hole.conf.j2
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
server_name pi-hole.kleinendorst.info;
|
||||
|
||||
# SSL via Let's Encrypt
|
||||
ssl_certificate /etc/letsencrypt/live/pi-hole.kleinendorst.info/fullchain.pem; # managed by Certbot
|
||||
ssl_certificate_key /etc/letsencrypt/live/pi-hole.kleinendorst.info/privkey.pem; # managed by Certbot
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
|
||||
location = / {
|
||||
return 301 https://pi-hole.kleinendorst.info/admin;
|
||||
}
|
||||
|
||||
location / {
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $host;
|
||||
|
||||
set $upstream_address 127.0.0.1;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_address:$upstream_port;
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue