adguardhome: add upstream dns with sops
All checks were successful
flake check / check (push) Successful in 4m41s
fmt check / check (push) Successful in 59s

This commit is contained in:
notohh 2024-01-07 19:25:52 -05:00
parent 5ddc6c743f
commit 979ea64f9a
Signed by: notohh
GPG key ID: BD47506D475EE86D

View file

@ -1,19 +1,38 @@
_: {
{config, ...}: {
imports = [
./filters.nix
./rewrites.nix
];
sops.secrets.nextdns = {owner = "adguardhome";};
users.users.adguardhome = {
isSystemUser = true;
group = "adguardhome";
};
users.groups.adguardhome = {};
networking.firewall.allowedTCPPorts = [53 3000];
networking.firewall.allowedUDPPorts = [53];
services.adguardhome = {
enable = true;
openFirewall = true;
mutableSettings = true;
settings = {
bind_port = 3000;
bind_host = "0.0.0.0";
bind_host = "192.168.1.103";
os = {
user = "adguardhome";
group = "adguardhome";
};
dns = {
upstream_dns_file = config.sops.secrets.nextdns.path;
enable_dnssec = true;
cache_optimistic = true;
};
statistics = {
enabled = true;
interval = "336h";
ignored = [
"youporn.com"
"pornhub.com"