From 4ab54cae0a772fdec2f408f4a43cb1b7f3329d0f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Numbus?= <admin@numbus.eu>
Date: Tue, 3 Mar 2026 22:27:24 +0100
Subject: [PATCH] Added AdGuard (NEEDS TESTING). Fixed bad indentation for
 middlewares. Switched from every 2 month periodic scan to every 3 months.

---
 modules/services/adguard.nix | 51 ++++++++++++++++++++++++++++++++++++
 modules/services/clamav.nix  |  2 +-
 modules/services/lib.nix     |  2 +-
 3 files changed, 53 insertions(+), 2 deletions(-)

diff --git a/modules/services/adguard.nix b/modules/services/adguard.nix
index e69de29..f543b31 100644
--- a/modules/services/adguard.nix
+++ b/modules/services/adguard.nix
@@ -0,0 +1,51 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+let
+  # Version tagging
+  adguardVersion = "latest";
+  # Helper
+  helper = import ./lib.nix { inherit config pkgs lib; };
+  cfg = config.numbus.services.adguard;
+  # Container config
+  name = "adguard";
+in
+
+helper.mkPodmanService {
+  inherit name;
+  description = "AdGuard, feature-rich DNS service";
+  pod = "false";
+  defaultPort = "3000";
+  scheme = "http";
+  dependencies = [ "network.target" ];
+  dataDirEnabled = false;
+  startDelay = 10;
+  middlewares = [ "secureHeaders" ];
+  dirPermissions = [
+    "100999:100 ${cfg.configDir}"
+  ];
+
+# Compose file good
+  composeText = ''
+    services:
+      adguardhome:
+        image: adguard/adguardhome:${adguardVersion}
+        container_name: adguard
+        hostname: adguard
+        network_mode: pasta
+        user: '1000:1000'
+        ports:
+          - "3000:3000/tcp"
+          - "53:53/tcp"
+          - "53:53/udp"
+        volumes:
+          - ${cfg.configDir}/work:/opt/adguardhome/work
+          - ${cfg.configDir}/config:/opt/adguardhome/conf
+        cap_add:
+          - SYS_NICE
+        security_opt:
+          - no-new-privileges:true
+        restart: unless-stopped
+  '';
+}
\ No newline at end of file
diff --git a/modules/services/clamav.nix b/modules/services/clamav.nix
index 477be88..dc44c71 100644
--- a/modules/services/clamav.nix
+++ b/modules/services/clamav.nix
@@ -82,7 +82,7 @@ in
       description = "Timer for ClamAV periodic scan";
       wantedBy = [ "timers.target" ];
       timerConfig = {
-        OnCalendar = "*-1/2-01 04:00:00";
+        OnCalendar = "*-1/3-01 04:00:00";
         Persistent = true;
         Unit = "clamav-periodic-scan.service";
       };
diff --git a/modules/services/lib.nix b/modules/services/lib.nix
index c8a58e7..967d2ad 100644
--- a/modules/services/lib.nix
+++ b/modules/services/lib.nix
@@ -87,7 +87,7 @@ with lib;
                   - "websecure"
                 service: ${name}
                 middlewares:
-                  ${concatStringsSep "\n" (map (m: "        - ${m}") middlewares)}
+          ${concatStringsSep "\n" (map (m: "        - ${m}") middlewares)}
                 tls:
                   certresolver: "cloudflare"
                   options: "secureTLS"