From c8e603fd29008bd3f77c004a109c43330eed0b06 Mon Sep 17 00:00:00 2001
From: Christopher Bacher <mindsbackyard@gmail.com>
Date: Sat, 22 Oct 2022 15:47:07 +0200
Subject: [PATCH] modules(pihole-container): assert that host user has
 sub-uids/gids configured

---
 modules/pihole-container.factory.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/modules/pihole-container.factory.nix b/modules/pihole-container.factory.nix
index e5d73e3..e62e034 100644
--- a/modules/pihole-container.factory.nix
+++ b/modules/pihole-container.factory.nix
@@ -291,6 +291,17 @@ in rec {
   };
 
   config = mkIf cfg.enable {
+
+    assertions = let
+      hostUserCfg = config.users.users.${cfg.hostConfig.user};
+    in [
+      { assertion = hostUserCfg ? "subUidRanges" && hostUserCfg ? "subGidRanges";
+        message = ''
+          The host user most have configured subUidRanges & subGidRanges as pihole is running in a rootless podman container.
+        '';
+      }
+    ];
+
     systemd.services."pihole-rootless-container" = {
       wantedBy = [ "multi-user.target" ];
       after = [ "network-online.target" ];