adguardhome: add upstream dns with sops
All checks were successful
flake check / check (push) Successful in 4m41s
fmt check / check (push) Successful in 59s
All checks were successful
flake check / check (push) Successful in 4m41s
fmt check / check (push) Successful in 59s
This commit is contained in:
parent
5ddc6c743f
commit
979ea64f9a
GPG key ID:
BD47506D475EE86D
1 changed files with 21 additions and 2 deletions
|
|
@ -1,19 +1,38 @@
|
|||
_: {
|
||||
{config, ...}: {
|
||||
imports = [
|
||||
./filters.nix
|
||||
./rewrites.nix
|
||||
];
|
||||
sops.secrets.nextdns = {owner = "adguardhome";};
|
||||
|
||||
users.users.adguardhome = {
|
||||
isSystemUser = true;
|
||||
group = "adguardhome";
|
||||
};
|
||||
users.groups.adguardhome = {};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [53 3000];
|
||||
networking.firewall.allowedUDPPorts = [53];
|
||||
|
||||
services.adguardhome = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
mutableSettings = true;
|
||||
settings = {
|
||||
bind_port = 3000;
|
||||
bind_host = "0.0.0.0";
|
||||
bind_host = "192.168.1.103";
|
||||
os = {
|
||||
user = "adguardhome";
|
||||
group = "adguardhome";
|
||||
};
|
||||
dns = {
|
||||
upstream_dns_file = config.sops.secrets.nextdns.path;
|
||||
enable_dnssec = true;
|
||||
cache_optimistic = true;
|
||||
};
|
||||
statistics = {
|
||||
enabled = true;
|
||||
interval = "336h";
|
||||
ignored = [
|
||||
"youporn.com"
|
||||
"pornhub.com"
|
||||
|
|
|
|||
Loading…
Reference in a new issue