49 lines
1.5 KiB
Nix
49 lines
1.5 KiB
Nix
{ ... }:
|
|
let
|
|
portDefinitions = import ./_port-definitions.nix;
|
|
nginxLocalServiceConfig = import ./nginx-local-config.nix;
|
|
in {
|
|
networking.firewall.allowedTCPPorts = [ portDefinitions.adguardhome-dns ];
|
|
networking.firewall.allowedUDPPorts = [ portDefinitions.adguardhome-dns ];
|
|
services = {
|
|
adguardhome = {
|
|
enable = true;
|
|
allowDHCP = true;
|
|
port = portDefinitions.adguardhome-http;
|
|
mutableSettings = true;
|
|
settings = {
|
|
http = {
|
|
address = "127.0.0.1:${toString portDefinitions.adguardhome-http}";
|
|
session_ttl = "1440h";
|
|
};
|
|
dns = {
|
|
bind_hosts = [ "0.0.0.0" ];
|
|
port = portDefinitions.adguardhome-dns;
|
|
anonymize_client_ip = false;
|
|
ratelimit = 0;
|
|
upstream_dns = [ "https://dns10.quad9.net/dns-query" ];
|
|
bootstrap_dns =
|
|
[ "9.9.9.10" "149.112.112.10" "2620:fe::10" "2620:fe::fe:10" ];
|
|
};
|
|
dhcp = {
|
|
enabled = true;
|
|
interface_name = "enp5s0";
|
|
local_domain_name = "lan";
|
|
dhcpv4 = {
|
|
gateway_ip = "10.0.0.254";
|
|
subnet_mask = "255.255.255.0";
|
|
range_start = "10.0.0.10";
|
|
range_end = "10.0.0.199";
|
|
lease_duration = 86400;
|
|
icmp_timeout_msec = 1000;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
nginx.virtualHosts."dns.rcia.dev" = {
|
|
locations."/".proxyPass =
|
|
"http://127.0.0.1:${toString portDefinitions.adguardhome-http}";
|
|
extraConfig = nginxLocalServiceConfig;
|
|
};
|
|
};
|
|
}
|