kopatz/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a320b2e6a5ef28504fd13a97883ff98b974f1f5f
nix-config/modules/services/adguard.nix
Kopatz 311c73c9d8 add wireguard and adguard
2024-05-04 21:06:24 +02:00

139 lines
3.3 KiB
Nix
Raw Blame History

{ config, pkgs, inputs, lib , ... }:
with lib;
let
cfg = config.custom.services.adguard;
in
{
options.custom.services.adguard = {
enable = mkEnableOption "Enables adguard";
ip = lib.mkOption {
type = types.str;
default = config.custom.static-ip.ip;
description = "this servers ipv4 address";
};
};
config = let
ip = cfg.ip;
wireguardIp = config.custom.services.wireguard.ip;
in lib.mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [ 53 ];
networking.firewall.allowedUDPPorts = [ 53 ];
services.adguardhome = {
enable = true;
settings = {
schema_version = 20;
users = [
{
name = "admin";
password = "$2y$15$iPzjmUJPTwWUOsDp46GOPO/LYor/jDJjndwy2QlPddaKSD4QXvq9W";
}
];
dns = {
bind_hosts = [ "127.0.0.1" ip wireguardIp ];
port = 53;
protection_enabled = true;
filtering_enabled = true;
upstream_dns = [
"https://doh.tiar.app/dns-query"
"tls://getdnsapi.net"
"https://dns.adguard-dns.com/dns-query"
"tls://dot.seby.io"
];
use_http3_upstreams = true;
rewrites = [
{
"domain" = "kopatz.ddns.net";
"answer" = ip;
}
{
"domain" = "kavita-kopatz.duckdns.org";
"answer" = ip;
}
{
"domain" = "server.home";
"answer" = ip;
}
{
"domain" = "server.home.arpa";
"answer" = ip;
}
{
"domain" = "activitytracker.site";
"answer" = ip;
}
{
"domain" = "adguard.home.arpa";
"answer" = ip;
}
{
"domain" = "nextcloud.home.arpa";
"answer" = ip;
}
{
"domain" = "kavita.home.arpa";
"answer" = ip;
}
{
"domain" = "grafana.home.arpa";
"answer" = ip;
}
{
"domain" = "yt.home.arpa";
"answer" = ip;
}
{
"domain" = "nextcloud.home.arpa";
"answer" = wireguardIp;
}
{
"domain" = "kavita.home.arpa";
"answer" = wireguardIp;
}
{
"domain" = "yt.home.arpa";
"answer" = wireguardIp;
}
{
"domain" = "turnserver.home.arpa";
"answer" = wireguardIp;
}
{
"domain" = "inverter.home.arpa";
"answer" = "192.168.0.9";
}
];
};
querylog = {
enabled = false;
};
filters = [
{
enabled = true;
url = "https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt";
name = "adguard dns list";
id = 1;
}
{
enabled = true;
url = "https://adguardteam.github.io/HostlistsRegistry/assets/filter_2.txt";
name = "adguard block list";
id = 2;
}
{
enabled = true;
url = "https://dbl.oisd.nl/";
name = "big block list";
id = 3;
}
];
dhcp = { enabled = false; };
dhcpv6 = { enabled = false; };
tls = {
enabled = true;
};
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink