

2·
4 days agoHow do you host your DNS sinkhole/resolver?
Like this, baby:
services.adguardhome = {
enable = true;
mutableSettings = false;
openFirewall = true;
settings = {
dns = {
# Web Interface
bootstrap_dns = ["9.9.9.9" "149.112.112.112"];
upstream_dns = ["https://dns.quad9.net/dns-query"];
fallback_dns = ["tls://dns.quad9.net"];
};
filters = [
{
name = "AdGuard DNS filter";
url = "https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt";
enabled = true;
}
];
filtering = {
blocked_services = {
ids = [
];
};
protection_enabled = true;
filtering_enabled = true;
rewrites = [
];
};
Deploy to the main home server, and the backup instance. NixOS is fucking awesome. No sync tool needed.
Most of the time you don’t need docker. NixOS isolates runtimes.
That being said, you could use nix to build the docker container, and then run it using the built-in oci-container options.