From 575c4ae0dc488b3c448f529a93804248b34fd67b Mon Sep 17 00:00:00 2001
From: Christopher Bacher <mindsbackyard@gmail.com>
Date: Sun, 16 Oct 2022 18:38:18 +0200
Subject: [PATCH] modules(pihole-container): extend the description for port
 configuration on the host

---
 modules/pihole-container.factory.nix | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/modules/pihole-container.factory.nix b/modules/pihole-container.factory.nix
index 1f07d33..df2a8d5 100644
--- a/modules/pihole-container.factory.nix
+++ b/modules/pihole-container.factory.nix
@@ -16,13 +16,19 @@
         The internal port on the host on which the ${service} port of the pihole container should be exposed.
         Only needs to be specified if he container port should be exposed
         or if the port-forwarding for this service is enabled.
+
+        As the pihole container is running rootless this cannot be a privileged port (<1024).
       '';
     };
 
     hostPublicPort = mkOption {
       type = types.port;
-      description =
-        "The public port on the host on which the ${service} port of the pihole container should be forwared to.";
+      description = ''
+        The public port on the host on which the ${service} port of the pihole container should be forwared to.
+
+        This option can be used to together with the according `forwardPublicToInternal` to expose a pihole subservice on a privileged port,
+        e.g., if you want to expose the DNS service on port 53.
+      '';
       default = publicDefaultPort;
     };
 
@@ -31,6 +37,8 @@
       description = ''
         Enable port-forwarding between the public & the internal port of the host.
         This effectively makes pihole's ${service} port available on the network to which the host is connected to.
+
+        Use this option together with the according `hostPublicPort` to expose a pihole subservice on a privileged port.
       '';
       default = false;
     };