pihole: reset

41666 2024-05-31 02:17:36 -04:00
parent 4b0f1c5bdb
commit cd6d4eebe5


@ -4,56 +4,35 @@
../../server.nix
../../features/dns-cache.nix
../../features/podman.nix
inputs.linger.nixosModules.x86_64-linux.default
inputs.pihole.nixosModules.x86_64-linux.default
];
networking.hostName = "pihole";
system.stateVersion = "24.11";
nixpkgs.hostPlatform = "x86_64-linux";
boot.tmp.cleanOnBoot = lib.mkForce true;
networking.firewall = {
allowedTCPPorts = [
config.services.pihole.hostConfig.dnsPort
config.services.pihole.hostConfig.webPort
];
allowedUDPPorts = [
config.services.pihole.hostConfig.dnsPort
];
allowedTCPPorts = [ 53 80 ];
allowedUDPPorts = [ 53 ];
};
users.users.pihole = {
isNormalUser = true;
};
services.pihole = {
enable = true;
hostConfig = {
user = "root";
enableLingeringForUser = true;
persistVolumes = true;
dnsPort = 5353;
webPort = 8080;
};
piholeConfig = {
web = {
password = "abcd1234"; # todo?
virtualHost = "http://pihole.hoki-porgy.ts.net";
theme = "default-darker";
};
dns = {
upstreamServers = [
"10.0.0.1"
"1.1.1.1"
"1.0.0.1"
];
dnssec = true;
bogusPriv = true;
fqdnRequired = true;
};
};
};
# virtualisation.oci-containers.containers = {
# pihole = {
# image = "registry.docker.io/pihole/pihole";
# ports = [
# "53:53/tcp"
# "53:53/udp"
# "80:80/tcp"
# ];
# volumes = [
# "etc-pihole:/etc/pihole"
# "etc-dnsmasq.d:/etc/dnsmasq.d"
# ];
# environment = {
# TZ = config.time.timeZone;
# VIRTUAL_HOST = "pihole.hoki-porgy.ts.net";
# PROXY_LOCATION = "pihole.hoki-porgy.ts.net";
# # FTLCONF_LOCAL_IPV4 = config.networking.interfaces.tailscale0.ipv4.addresses[0].address;
# };
# };
# };
}
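Review bot: The firewall block now opens TCP 53 and 80 and UDP 53 on every interface (`allowedTCPPorts = [ 53 80 ];`, assuming the literal lists are the new side, as the hunk's 56-to-35 line counts suggest), while the only Pi-hole definition left is the commented-out `virtualisation.oci-containers` block. If the host is meant to be reached only over the tailnet, which the `ts.net` virtual host hints at, scope the rule to that interface, e.g. `networking.firewall.interfaces.tailscale0.allowedTCPPorts = [ 53 80 ];` with the matching `allowedUDPPorts = [ 53 ];`, so the resolver and admin UI are not offered on other networks. The `password = "abcd1234";` line, which appears to be on the removed side, stays in repository history, so treat it as disclosed and rotate it. When the container is re-enabled, supply the web password through `environmentFiles` rather than `environment`, because values in `environment` are written to the world-readable Nix store.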