From 491c476bbb3668a2037ced792eec84069048d80a Mon Sep 17 00:00:00 2001
From: Nathan
Date: Sun, 3 Aug 2025 14:32:15 -0500
Subject: [PATCH] split
---
.../services/containers/pihole/default.nix | 111 +++++++++++-------
1 file changed, 67 insertions(+), 44 deletions(-)
diff --git a/system-config/services/containers/pihole/default.nix b/system-config/services/containers/pihole/default.nix
index 712df5c..68db91b 100644
--- a/system-config/services/containers/pihole/default.nix
+++ b/system-config/services/containers/pihole/default.nix
@@ -18,71 +18,94 @@ }; */ - containers.pihole = { + containers = { + pihole = { - autoStart = true; - privateNetwork = true; - hostAddress = "192.168.100.10"; - localAddress = "192.168.100.28"; + autoStart = true; + privateNetwork = true; + hostAddress = "192.168.100.10"; + localAddress = "192.168.100.28"; - config = let + config = let pkgs-us = import inputs.nixpkgs-us { system = "x86_64-linux"; }; in { - - imports = [ - (import "${inputs.nixpkgs-us}/nixos/modules/services/networking/pihole-ftl.nix" { config = config.containers.pihole.config; inherit lib; pkgs = pkgs-us;}) - (import "${inputs.nixpkgs-us}/nixos/modules/services/web-apps/pihole-web.nix" { config = config.containers.pihole.config; inherit lib; pkgs = pkgs-us;}) - ]; - services = { - pihole-web = { - enable = true; + imports = [ + (import "${inputs.nixpkgs-us}/nixos/modules/services/networking/pihole-ftl.nix" { config = config.containers.pihole.config; inherit lib; pkgs = pkgs-us;}) + (import "${inputs.nixpkgs-us}/nixos/modules/services/web-apps/pihole-web.nix" { config = config.containers.pihole.config; inherit lib; pkgs = pkgs-us;}) + ]; - package = pkgs-us.pihole-web; + services = { + pihole-web = { + enable = true; - #hostName = "192.168.100.28"; + package = pkgs-us.pihole-web; - ports = [ 80 ]; - }; +#hostName = "192.168.100.28"; - pihole-ftl = { - enable = true; + ports = [ 80 ]; + }; - package = pkgs-us.pihole-ftl; + pihole-ftl = { + enable = true; - openFirewallDNS = true; - openFirewallWebserver = true; + package = pkgs-us.pihole-ftl; - lists = [ + openFirewallDNS = true; + openFirewallWebserver = true; + + lists = [ { url = "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"; } - ]; - - settings = { - misc.dnsmasq_lines = [ - "no-resolv" - "server=127.0.0.1@5335" ]; - }; - }; - unbound = { - enable = true; - - settings = { - server = { - interface = [ "127.0.0.1" ]; - port = 5335; + settings = { + misc.dnsmasq_lines = [ + "no-resolv" + "server=192.168.100.29" + 
#"server=1.1.1.1" + #"server=1.0.0.1" + ]; }; - }; }; + + system.stateVersion = "25.05"; + }; + }; + unbound = { + + autoStart = true; + privateNetwork = true; + hostAddress = "192.168.100.10"; + localAddress = "192.168.100.29"; + + config = { + + services = { + unbound = { + enable = true; + + settings = { + server = { + interface = [ "0.0.0.0" ]; + port = 53; + }; + + }; + }; + }; + + networking = { + firewall = { + allowedTCPPorts = [ 53 ]; + allowedUDPPorts = [ 53 ]; + }; + }; + + system.stateVersion = "25.05"; }; - - networking.nameservers = [ "127.0.0.1@5335" ]; - - system.stateVersion = "24.05"; }; };
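Review bot: The new `unbound` container's `settings.server` block sets `interface = [ "0.0.0.0" ]` and `port = 53` but no `access-control`, and Unbound refuses queries from non-loopback sources unless an ACL allows them, so the `server=192.168.100.29` forwarder added to Pi-hole's `dnsmasq_lines` will probably get REFUSED answers (unless an ACL is set elsewhere in the configuration). Because the listener is now on all interfaces with TCP/UDP 53 opened in the container firewall, that ACL is also what keeps the resolver from answering recursive queries for anyone who can reach it, so scope it to the one client: `access-control = [ "127.0.0.0/8 allow" "192.168.100.28/32 allow" ];` inside `settings.server`. Separately, the Pi-hole container's `system.stateVersion` moves from "24.05" to "25.05" in the same hunk; if that container already holds state, it is worth confirming the bump is intended and not a side effect of the re-indent.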