Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

lots

Browse Source
This commit is contained in:
Nathan
2026-01-15 18:47:31 -06:00
parent fd3f3639bd
commit f480a1f8c9
21 changed files with 195 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
system/services/containers/pihole/default.nix
View File

@@ -19,8 +19,6 @@
*/
networking = {
nat.internalInterfaces = [ "ve-pihole" ];
nameservers = [ "192.168.100.28" ];
};
@@ -46,9 +44,7 @@
pihole-web = {
enable = true;
package = pkgs-us.pihole-web;
#hostName = "192.168.100.28";
hostName = "pihole.local";
ports = [ 80 ];
};
@@ -56,8 +52,6 @@
pihole-ftl = {
enable = true;
package = pkgs-us.pihole-ftl;
openFirewallDNS = true;
openFirewallWebserver = true;
@@ -69,21 +63,43 @@
settings = {
dns.upstreams = [ "127.0.0.1#5335" ];
files.macvendor = lib.mkForce "/var/lib/pihole/macvendor.db";
};
};
unbound = {
enable = true;
resolveLocalQueries = true;
settings = {
server = {
interface = [ "127.0.0.1" ];
port = 5335;
access-control = [ "127.0.0.1 allow" ];
harden-glue = true;
harden-dnssec-stripped = true;
use-caps-for-id = false;
prefetch = true;
edns-buffer-size = 1232;
hide-identity = true;
hide-version = true;
};
forward-zone = [
{
name = "cloudflare";
forward-addr = [
"1.1.1.1#one.one.one.one"
"1.0.0.1#one.one.one.one"
];
forward-tls-upstream = true;
}
];
};
};