From 979ea64f9a98687453ed04c9a177df112ab15e06 Mon Sep 17 00:00:00 2001 From: notohh Date: Sun, 7 Jan 2024 19:25:52 -0500 Subject: [PATCH] adguardhome: add upstream dns with sops --- .../haru/services/adguardhome/adguardhome.nix | 23 +++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/hosts/haru/services/adguardhome/adguardhome.nix b/hosts/haru/services/adguardhome/adguardhome.nix index bb80832..76750bf 100644 --- a/hosts/haru/services/adguardhome/adguardhome.nix +++ b/hosts/haru/services/adguardhome/adguardhome.nix @@ -1,19 +1,38 @@ -_: { +{config, ...}: { imports = [ ./filters.nix ./rewrites.nix ]; + sops.secrets.nextdns = {owner = "adguardhome";}; + + users.users.adguardhome = { + isSystemUser = true; + group = "adguardhome"; + }; + users.groups.adguardhome = {}; + networking.firewall.allowedTCPPorts = [53 3000]; networking.firewall.allowedUDPPorts = [53]; + services.adguardhome = { enable = true; openFirewall = true; mutableSettings = true; settings = { bind_port = 3000; - bind_host = "0.0.0.0"; + bind_host = "192.168.1.103"; + os = { + user = "adguardhome"; + group = "adguardhome"; + }; + dns = { + upstream_dns_file = config.sops.secrets.nextdns.path; + enable_dnssec = true; + cache_optimistic = true; + }; statistics = { enabled = true; + interval = "336h"; ignored = [ "youporn.com" "pornhub.com"