numbus-server-module/modules/services/pi-hole.nix
# Pi-hole service definition: passes unit metadata and a compose file to
# helper.mkPodmanService (defined in ./lib.nix, not shown here).
{ config, pkgs, lib, ... }:
with lib;
let
# Shared helper library; it receives the same config/pkgs/lib as this module.
helper = import ./lib.nix { inherit config pkgs lib; };
# Per-service options; this file reads cfg.port, cfg.subdomain and cfg.configDir.
cfg = config.numbus.services.pi-hole;
in
helper.mkPodmanService {
name = "pi-hole";
description = "Pi-Hole, the ads black hole";
# NOTE(review): how defaultPort and scheme are consumed is decided in lib.nix;
# presumably they describe the endpoint the reverse proxy forwards to. Confirm.
defaultPort = "4443";
# NOTE(review): this is the string "false", not a boolean. Confirm that
# lib.nix expects a string here.
pod = "false";
scheme = "https";
# Units named here: traefik and whichever unit config.numbus.services.dns selects.
dependencies = [ "traefik.service" "${config.numbus.services.dns}.service" ];
delaySec = 10;
# Compose definition for the container. Points to check when changing it:
#
# * Substitution happens in two stages. `${...}` is expanded by Nix at
#   evaluation time. Bare `$TZ`, `$HOME_SERVER_IP` and
#   `$FTLCONF_webserver_api_password` are left literally in the text for the
#   compose tooling to fill in at start-up, so the admin password is not
#   written into this string. NOTE(review): where those variables come from is
#   not visible here (presumably an env file wired up by mkPodmanService).
#   Compose normally substitutes an empty string for an unset variable, and
#   Pi-hole may treat an empty password as "no password"; verify that the
#   variable is always set.
#
# * `image: ...:latest` is a mutable tag, so the content that runs can change
#   on every pull. Pinning a release tag or an image digest makes updates
#   deliberate and reviewable.
#
# * Ports 53/tcp, 53/udp and the web port are published without a host
#   address. If the host is reachable from untrusted networks, that exposes a
#   DNS resolver and the admin interface there. Restrict with the firewall or
#   publish on the LAN address only.
#
# * FTLCONF_dns_hosts is generated: one "$HOME_SERVER_IP <subdomain>.<domain>"
#   line for every attribute of config.numbus.services that is an attribute
#   set with enable = true and a subdomain. The subdomain and domain values
#   are spliced into the YAML unescaped, so they are assumed to be plain DNS
#   names; a value containing a newline or YAML syntax would alter the file.
#
# * Whitespace inside this string is significant YAML. Edit it with care.
composeText = ''
services:
pi-hole:
image: docker.io/pihole/pihole:latest
container_name: pi-hole
hostname: pi-hole
network_mode: pasta
ports:
- "${cfg.port}:443/tcp"
- "53:53/tcp"
- "53:53/udp"
environment:
PIHOLE_UID: '1000'
PIHOLE_GID: '1000'
TZ: $TZ
FTLCONF_webserver_api_password: $FTLCONF_webserver_api_password
FTLCONF_webserver_domain: ${cfg.subdomain}.${config.numbus.services.domain}
FTLCONF_dns_upstreams: 9.9.9.9;149.112.112.112
FTLCONF_dns_hosts: |
${lib.concatStringsSep "" (lib.mapAttrsToList (name: service:
if builtins.isAttrs service && service ? enable && service.enable && service ? subdomain then
" $HOME_SERVER_IP ${service.subdomain}.${config.numbus.services.domain}\n"
else
""
) config.numbus.services)}
# TODO : get revServers to work
# FTLCONF_dns_revServers: |
# true,$HOME_ROUTER_SUBNET,$HOME_ROUTER_IP,${config.numbus.services.domain}
# true,$HOME_VPN_SUBNET,$HOME_VPN_IP,${config.numbus.services.domain}
FTLCONF_dns_listeningMode: "BIND"
FTLCONF_dns_domain_name: "${config.numbus.services.domain}"
FTLCONF_dns_domain_local: "true"
FTLCONF_dhcp_active: "false"
FTLCONF_ntp_ipv4_active: "false"
FTLCONF_ntp_ipv6_active: "false"
FTLCONF_ntp_sync_active: "false"
volumes:
- ${cfg.configDir}:/etc/pihole
cap_add:
- SYS_NICE
restart: unless-stopped
'';
}