servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
ab4c22592acb59c5cb5665ea0c936bdf4f9c0d44
dotfiles/nixos/tsuba/services/pihole.nix
uttarayan21 e8aece3f47 feat(nixos): update flake.lock and configure services for ryu and tako 
feat(home): adjust vicinae and eilmeldung configurations

feat(neovim): enable folding in neovim configuration

fix(nixos): disable resolved dns and remove fallback dns on tako

chore(nixos): add pihole and resolved services to tsuba

chore(home): remove unused packages from programs

chore(nixos): add gamescope-wsi and vulkan-tools to steam configuration

chore(nixos): update navidrome service with sops integration and systemd tmpfiles

chore(darwin): use dynamic user in shiro configuration

chore(secrets): add lastfm and pihole secrets to secrets.yaml
2025-12-30 04:32:13 +05:30

71 lines
1.7 KiB
Nix
Raw Blame History

{
pkgs,
config,
...
}: {
sops = {
secrets."pihole/password" = {};
templates."pihole.env".content = ''
FTLCONF_webserver_api_password=${config.sops.placeholder."pihole/password"}
'';
};
virtualisation.oci-containers = {
containers = {
pihole = {
image = "pihole/pihole:latest";
ports = [
"53:53/tcp"
"53:53/udp"
"127.0.0.1:8053:80/tcp"
];
privileged = true;
environment = {
TZ = config.time.timeZone;
FTLCONF_dns_listeningMode = "ALL";
};
environmentFiles = [
config.sops.templates."pihole.env".path
];
volumes = [
"/etc/pihole:/etc/pihole"
];
capabilities = {
"NET_ADMIN" = true;
"SYS_TIME" = true;
"SYS_NICE" = true;
};
};
};
};
services.caddy = {
virtualHosts."pihole.darksailor.dev".extraConfig = ''
import cloudflare
redir / /admin permanent
reverse_proxy localhost:8053
'';
};
# Systemd service to pull latest Home Assistant image
systemd.services.pihole-image-update = {
description = "Pull latest Pi Hole Docker image";
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.docker}/bin/docker pull pihole/pihole:latest";
ExecStartPost = "${pkgs.systemd}/bin/systemctl restart docker-pihole.service";
};
};
# Systemd timer to run the update service every 5 days
systemd.timers.pihole-image-update = {
description = "Timer for Pi-Hole image updates";
wantedBy = ["timers.target"];
timerConfig = {
OnCalendar = "Mon *-*-* 02:00:00";
OnUnitInactiveSec = "5d";
Persistent = true;
RandomizedDelaySec = "1h";
};
};
}
Reference in New Issue View Git Blame Copy Permalink