Added AdGuard (NEEDS TESTING). Fixed bad indentation for middlewares. Switched from every 2 month periodic scan to every 3 months.

modules/services/adguard.nix

@@ -0,0 +1,51 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+let
+  # Version tagging
+  adguardVersion = "latest";
+  # Helper
+  helper = import ./lib.nix { inherit config pkgs lib; };
+  cfg = config.numbus.services.adguard;
+  # Container config
+  name = "adguard";
+in
+
+helper.mkPodmanService {
+  inherit name;
+  description = "AdGuard, feature-rich DNS service";
+  pod = "false";
+  defaultPort = "3000";
+  scheme = "http";
+  dependencies = [ "network.target" ];
+  dataDirEnabled = false;
+  startDelay = 10;
+  middlewares = [ "secureHeaders" ];
+  dirPermissions = [
+    "100999:100 ${cfg.configDir}"
+  ];
+
+# Compose file good
+  composeText = ''
+    services:
+      adguardhome:
+        image: adguard/adguardhome:${adguardVersion}
+        container_name: adguard
+        hostname: adguard
+        network_mode: pasta
+        user: '1000:1000'
+        ports:
+          - "3000:3000/tcp"
+          - "53:53/tcp"
+          - "53:53/udp"
+        volumes:
+          - ${cfg.configDir}/work:/opt/adguardhome/work
+          - ${cfg.configDir}/config:/opt/adguardhome/conf
+        cap_add:
+          - SYS_NICE
+        security_opt:
+          - no-new-privileges:true
+        restart: unless-stopped
+  '';
+}

modules/services/clamav.nix

@@ -82,7 +82,7 @@ in
       description = "Timer for ClamAV periodic scan";
       wantedBy = [ "timers.target" ];
       timerConfig = {
-        OnCalendar = "*-1/2-01 04:00:00";
+        OnCalendar = "*-1/3-01 04:00:00";
         Persistent = true;
         Unit = "clamav-periodic-scan.service";
       };

modules/services/lib.nix

@@ -87,7 +87,7 @@ with lib;
                   - "websecure"
                 service: ${name}
                 middlewares:
-                  ${concatStringsSep "\n" (map (m: "        - ${m}") middlewares)}
+          ${concatStringsSep "\n" (map (m: "        - ${m}") middlewares)}
                 tls:
                   certresolver: "cloudflare"
                   options: "secureTLS"