notohh/snowflake
notohh/snowflake
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity

adguardhome: add upstream dns with sops
All checks were successful
flake check / check (push) Successful in 4m41s
fmt check / check (push) Successful in 59s

Browse source
This commit is contained in:
notohh 2024-01-07 19:25:52 -05:00
parent 5ddc6c743f
commit 979ea64f9a
Signed by: notohh
GPG key ID: BD47506D475EE86D
1 changed files with 21 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
hosts/haru/services/adguardhome/adguardhome.nix
View file

@ -1,19 +1,38 @@
_: { {config, ...}: {
imports = [ imports = [
./filters.nix ./filters.nix
./rewrites.nix ./rewrites.nix
]; ];
sops.secrets.nextdns = {owner = "adguardhome";};
users.users.adguardhome = {
isSystemUser = true;
group = "adguardhome";
};
users.groups.adguardhome = {};
networking.firewall.allowedTCPPorts = [53 3000]; networking.firewall.allowedTCPPorts = [53 3000];
networking.firewall.allowedUDPPorts = [53]; networking.firewall.allowedUDPPorts = [53];
services.adguardhome = { services.adguardhome = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
mutableSettings = true; mutableSettings = true;
settings = { settings = {
bind_port = 3000; bind_port = 3000;
bind_host = "0.0.0.0"; bind_host = "192.168.1.103";
os = {
user = "adguardhome";
group = "adguardhome";
};
dns = {
upstream_dns_file = config.sops.secrets.nextdns.path;
enable_dnssec = true;
cache_optimistic = true;
};
statistics = { statistics = {
enabled = true; enabled = true;
interval = "336h";
ignored = [ ignored = [
"youporn.com" "youporn.com"
"pornhub.com" "pornhub.com"