Giter Site home page Giter Site logo

kasperskytte / ansible-adguard Goto Github PK

View Code? Open in Web Editor NEW

This project forked from freekers/ansible-adguard

0.0 1.0 0.0 45 KB

Ansible playbook to setup AdGuard Home with Unbound, including DoH, DoT & Let's Encrypt, based on Docker

License: GNU Affero General Public License v3.0

ansible-adguard's Introduction

Ansible-AdGuard

Intended Usecase

This Anible playbook deploys a self updating AdGuard Home stack based on Docker, featuring:

  • Unbound as recursive DNS server instead of public upstream DNS servers
  • DNS over HTTPS (DoH)
  • DNS over TLS (DoT)
  • IPv4 & IPv6*
  • Admin interface over HTTPS
  • Automatic SSL certificate for DoH & DoT, powered by Let's Encrypt
  • Self-updating, powered by Docker & Ouroboros

*The playbook will try to detect if IPv6 connectivity is available and if so automatically configure AdGuard Home to serve DNS resolution over both IPv4 and IPv6.

Disclaimer

Please do not set up a public DNS resolver, i.e. an AdGuard Home instance facing the internet, if you don't know what you're doing. You risk getting in all sorts of trouble. Most ISPs don't allow public DNS resolvers on their networks and will shut you down without notice, because it's generally a bad idea..

If all you're looking for is an adblocking DNS service, please consider using AdGuard's own public DNS service instead.

Prerequisites

  1. Your Linux server must be reachable over the internet on the following ports:
  • 53 (UDP/TCP) for plain DNS resolution
  • 80 (TCP) for Let's Encrypt's validation method
  • 443 (TCP) for AdGuard Home's webinterface & DoH
  • 853 (TCP) for DoT

  1. You must own a Fully Qualified Domain Name (FQDN), such as yourdomain.com.
    This is required to generate a valid Let's Encrypt SSL Certificate used for DoH & DoT.

  2. You must setup an A (and AAAA record if IPv6 DNS resolution is desired) for your domain, pointing to the IP address of your Linux server.
    This is required to generate a valid Let's Encrypt SSL Certificate and used for DoH & DoT.

Installation Instructions

  1. Install Ansible using sudo apt install ansible on the machine that will initiate the playbook.

  2. Clone repository using git clone https://github.com/Freekers/ansible-adguard.git

  3. Edit the hosts file to reflect your setup, i.e. change domain etc. playbook.yml does NOT need to be changed!

  4. Start playbook using ansible-playbook playbook.yml --ask-become-pass

  5. After installation, it can take up to 5 minutes before your AdGuard Home instance will be accessible. This is due to Let's Encrypt's certificate creation process. AdGuard Home will not start before a valid SSL certificate has been generated, so please be patient! For more information, please refer to the 'Usage Instructions' section below.

Supported distros:

  • Ubuntu 18.04 & 20.04
  • Debian 9 & 10

Usage Instructions

After installation, you can access the AdGuard Home admin interface of your instance by navigating to yourdomain.com. You should automatically be redirected to the login screen of your AdGuard Home instance.
Please remember that it can take up to 5 minutes before your AdGuard Home instance will be accessible after installation due to Let's Encrypt's certificate creation process. AdGuard Home will not start before a valid SSL certificate has been generated, so please be patient!

Refer to the setup page within the AdGuard Home's Admin interface to setup your devices to use your AdGuard Home instance as DNS server.

The docker-compose.yml file will be located at /opt/adguard. You can use regular docker and docker-compose commands to stop/start/restart containers.

If needed, for manual configuration of AdGuard Home, please refer to their official documententation.
If needed, for manual configuration of Unbound, please refer to their official documententation.
If needed, for manual configuration of Ouroboros, please refer to their official documententation.

Uninstallation Instructions

  1. sudo docker-compose -f /opt/adguard/docker-compose.yml down
  2. rm -rf /opt/adguard
  3. Consult playbook.yml to manually review packages & firewall rules that are no longer needed (Optional)

Acknowledgements

License

Unless otherwise specified, all code in this repository is released under the GNU Affero General Public License v3.0. See the repository's LICENSE file for details.

ansible-adguard's People

Contributors

bruvv avatar freekers avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.