noe/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

pihole: reset

Browse source
This commit is contained in:
41666 2024-05-31 02:17:36 -04:00
parent 4b0f1c5bdb
commit cd6d4eebe5
1 changed files with 22 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

65
nixos/hosts/pihole/default.nix
View file

@ -4,56 +4,35 @@
../../server.nix ../../server.nix
../../features/dns-cache.nix ../../features/dns-cache.nix
../../features/podman.nix ../../features/podman.nix
inputs.linger.nixosModules.x86_64-linux.default
inputs.pihole.nixosModules.x86_64-linux.default
]; ];
networking.hostName = "pihole"; networking.hostName = "pihole";
system.stateVersion = "24.11"; system.stateVersion = "24.11";
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
boot.tmp.cleanOnBoot = lib.mkForce true;
networking.firewall = { networking.firewall = {
allowedTCPPorts = [ allowedTCPPorts = [ 53 80 ];
config.services.pihole.hostConfig.dnsPort allowedUDPPorts = [ 53 ];
config.services.pihole.hostConfig.webPort
];
allowedUDPPorts = [
config.services.pihole.hostConfig.dnsPort
];
}; };
users.users.pihole = { # virtualisation.oci-containers.containers = {
isNormalUser = true; # pihole = {
}; # image = "registry.docker.io/pihole/pihole";
# ports = [
services.pihole = { # "53:53/tcp"
enable = true; # "53:53/udp"
hostConfig = { # "80:80/tcp"
user = "root"; # ];
enableLingeringForUser = true; # volumes = [
persistVolumes = true; # "etc-pihole:/etc/pihole"
dnsPort = 5353; # "etc-dnsmasq.d:/etc/dnsmasq.d"
webPort = 8080; # ];
}; # environment = {
piholeConfig = { # TZ = config.time.timeZone;
web = { # VIRTUAL_HOST = "pihole.hoki-porgy.ts.net";
password = "abcd1234"; # todo? # PROXY_LOCATION = "pihole.hoki-porgy.ts.net";
virtualHost = "http://pihole.hoki-porgy.ts.net"; # # FTLCONF_LOCAL_IPV4 = config.networking.interfaces.tailscale0.ipv4.addresses[0].address;
theme = "default-darker"; # };
}; # };
dns = { # };
upstreamServers = [
"10.0.0.1"
"1.1.1.1"
"1.0.0.1"
];
dnssec = true;
bogusPriv = true;
fqdnRequired = true;
};
};
};
} }