adguard

home/features/desktop/default.nix

@@ -30,8 +30,8 @@
   home.packages = with pkgs; [
     alacritty
     autotiling
-    brave
     blueberry
+    brave
     brightnessctl
     feh
     flameshot

hosts/lkk-nix-1/default.nix

@@ -19,8 +19,8 @@
       from = 3000;
       to = 3100;
     }];
-    firewall.allowedTCPPorts = [ 80 443 5432 3306 3478 ];
-    firewall.allowedUDPPorts = [ 51820 ];
+    firewall.allowedTCPPorts = [ 53 80 443 5432 3306 3478 ];
+    firewall.allowedUDPPorts = [ 53 51820 ];
     firewall.allowedUDPPortRanges = [{
       from = 3478;
       to = 3481;

hosts/lkk-nix-1/services/adguard.nix

@@ -0,0 +1,7 @@
+{
+  services.adguardhome = {
+    enable = true;
+    mutableSettings = true;
+    settings.bind_port = 3008;
+  };
+}

hosts/lkk-nix-1/services/containers/wireguard.nix

@@ -1,7 +1,7 @@
 { config, outputs, ... }: {
   virtualisation.oci-containers.containers."wireguard" = {
     image = "weejewel/wg-easy";
-    environment = { WG_HOST = "wg.lanakk.com"; };
+    environment = { WG_HOST = "wg.lanakk.com"; WG_DEFAULT_DNS = "10.88.0.1"; };
     ports = [ "3007:51821/tcp" "51820:51820/udp" ];
     volumes = [ "wireguard_data:/etc/wireguard" ];
     extraOptions = [

hosts/lkk-nix-1/services/default.nix

@@ -1,5 +1,6 @@
 {
   imports = [
+    ./adguard.nix
     ./container.nix
     ./gitea.nix
     ./invidious.nix

hosts/lkk-nix-1/services/traefik.nix

@@ -50,6 +50,7 @@
           nextcloud.loadBalancer.servers = [{ url = "http://localhost:3005/"; }];
           invidious.loadBalancer.servers = [{ url = "http://localhost:3006/"; }];
           wireguard.loadBalancer.servers = [{ url = "http://localhost:3007/"; }];
+          adguard.loadBalancer.servers = [{ url = "http://localhost:3008/"; }];
         };
         routers = {
           api = {
@@ -139,6 +140,16 @@
             middlewares = "auth";
             entrypoints = "websecure";
           };
+          adguard = {
+            rule = "Host(`ab.lanakk.com`)";
+            tls = {
+              certResolver = "godaddy";
+              domains = "ab.lanakk.com";
+            };
+            service = "adguard";
+            middlewares = "auth";
+            entrypoints = "websecure";
+          };
         };
       };
     };