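# Auto-generated using compose2nix v0.3.2-pre.
#
# NixOS module that runs Pi-hole and an Unbound resolver as Podman containers
# on a dedicated bridge network (pihole_dns_net). Everything is gated behind
# config.sysconfig.opts.virtualization.pihole.enable.
#
# NOTE(review): this file is generated; hand edits (the unquoted environment
# values below, and these comments) are lost on regeneration unless the
# source compose file is fixed as well.
{ config, pkgs, lib, ... }:

{
  config = lib.mkIf config.sysconfig.opts.virtualization.pihole.enable {
    # Runtime
    virtualisation.podman = {
      enable = true;
      autoPrune.enable = true;
      dockerCompat = true;
      defaultNetwork.settings = {
        # Required for container networking to be able to use names.
        dns_enabled = true;
      };
    };

    # Enable container name DNS for non-default Podman networks.
    # https://github.com/NixOS/nixpkgs/issues/226365
    # Scoped to the podman+ interfaces only, so this does not open UDP 53 on
    # the host's other interfaces.
    networking.firewall.interfaces."podman+".allowedUDPPorts = [ 53 ];

    virtualisation.oci-containers.backend = "podman";

    # Containers
    virtualisation.oci-containers.containers."pihole" = {
      # NOTE(review): a mutable ":latest" tag on an unqualified image name
      # means the content that runs can change on any pull and depends on the
      # host's short-name registry resolution. Prefer a fully qualified
      # reference pinned by digest, e.g.
      # "docker.io/pihole/pihole@sha256:<digest-placeholder>".
      image = "pihole/pihole:latest";
      environment = {
        # Values are passed to the container literally. The generated file
        # wrapped them in an extra pair of single quotes, which would have
        # become part of the value (an invalid upstream address and an invalid
        # TZ name), so the inner quotes are removed here.
        #
        # NOTE(review): this addresses unbound by container IP with port 5335,
        # while the unbound port mapping below targets container port 53. One
        # of the two is likely wrong; verify against the mounted unbound
        # config. Also confirm the variable name is one the deployed image
        # version actually reads.
        "PIHOLE_DNS" = "192.169.101.2#5335";
        "TZ" = "America/Chicago";
      };
      # Referenced by string path, so it is read at runtime and not copied
      # into the world-readable Nix store. Presumably holds the web admin
      # credentials; keep it root-owned with mode 0600.
      environmentFiles = [
        "/ssd1/Pihole/.env"
      ];
      volumes = [
        "/ssd1/Pihole/etc-dnsmasq.d:/etc/dnsmasq.d:rw"
        "/ssd1/Pihole/etc-pihole:/etc/pihole:rw"
      ];
      # NOTE(review): all three mappings bind every host address. Port 53 is
      # the service itself, but 8080 is the admin UI over plain HTTP; restrict
      # it to a management address or put it behind a TLS reverse proxy.
      # Confirm that the host firewall actually filters container-published
      # ports, since forwarded traffic may not traverse the same rules as
      # host-local services.
      ports = [
        "53:53/tcp"
        "53:53/udp"
        "8080:80/tcp"
      ];
      log-driver = "journald";
      extraOptions = [
        "--ip=192.169.101.1"
        "--network-alias=pihole"
        "--network=pihole_dns_net"
      ];
    };
    systemd.services."podman-pihole" = {
      serviceConfig = {
        # Priority 90 takes precedence over a plain (priority 100) definition
        # of Restart made elsewhere.
        Restart = lib.mkOverride 90 "always";
      };
      # The bridge network must exist before the container starts.
      after = [
        "podman-network-pihole_dns_net.service"
      ];
      requires = [
        "podman-network-pihole_dns_net.service"
      ];
      partOf = [
        "podman-compose-pihole-root.target"
      ];
      wantedBy = [
        "podman-compose-pihole-root.target"
      ];
    };
    virtualisation.oci-containers.containers."unbound" = {
      # NOTE(review): same pinning concern as the pihole image; prefer
      # "docker.io/mvance/unbound@sha256:<digest-placeholder>".
      image = "mvance/unbound:latest";
      volumes = [
        "/ssd1/Pihole/unbound:/opt/unbound/etc/unbound:rw"
      ];
      # NOTE(review): pihole reaches unbound over pihole_dns_net, so publishing
      # the recursive resolver on every host address looks unnecessary and can
      # expose an open resolver. Drop the mapping, or bind it to loopback
      # ("127.0.0.1:5335:53/tcp", "127.0.0.1:5335:53/udp") if it is only used
      # for local testing.
      ports = [
        "5335:53/tcp"
        "5335:53/udp"
      ];
      log-driver = "journald";
      extraOptions = [
        "--ip=192.169.101.2"
        "--network-alias=unbound"
        "--network=pihole_dns_net"
      ];
    };
    systemd.services."podman-unbound" = {
      serviceConfig = {
        Restart = lib.mkOverride 90 "always";
      };
      after = [
        "podman-network-pihole_dns_net.service"
      ];
      requires = [
        "podman-network-pihole_dns_net.service"
      ];
      partOf = [
        "podman-compose-pihole-root.target"
      ];
      wantedBy = [
        "podman-compose-pihole-root.target"
      ];
    };

    # Networks
    systemd.services."podman-network-pihole_dns_net" = {
      path = [ pkgs.podman ];
      serviceConfig = {
        Type = "oneshot";
        RemainAfterExit = true;
        ExecStop = "podman network rm -f pihole_dns_net";
      };
      # Creates the network only if it does not already exist.
      #
      # NOTE(review): 192.169.0.0/16 is not RFC 1918 private space
      # (192.168.0.0/16 is), so this bridge shadows publicly routable
      # addresses for the host and its containers. A /16 is also far larger
      # than two containers need. Move to a small unused private range and
      # update the --ip options and PIHOLE_DNS to match.
      script = ''
        podman network inspect pihole_dns_net || podman network create pihole_dns_net --driver=bridge --subnet=192.169.0.0/16
      '';
      partOf = [ "podman-compose-pihole-root.target" ];
      wantedBy = [ "podman-compose-pihole-root.target" ];
    };

    # Root service
    # When started, this will automatically create all resources and start
    # the containers. When stopped, this will teardown all resources.
    systemd.targets."podman-compose-pihole-root" = {
      unitConfig = {
        Description = "Root target generated by compose2nix.";
      };
      wantedBy = [ "multi-user.target" ];
    };
  };
}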