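# NixOS module: runs Pi-hole as a Docker container (layout generated by
# compose2nix) and puts an nginx virtual host in front of its web UI.
# Everything is gated behind `features.homelab.pihole.enable`.
{ config, pkgs, lib, ... }:
{
  # mkEnableOption prefixes its argument with "Whether to enable", so pass only
  # the name; the previous text rendered as "Whether to enable Enable pihole."
  options.features.homelab.pihole.enable = lib.mkEnableOption "pihole";

  config = lib.mkIf config.features.homelab.pihole.enable {
    virtualisation = {
      docker = {
        enable = true;
        autoPrune.enable = true;
      };

      oci-containers = {
        backend = "docker";

        containers."pihole" = {
          # NOTE(review): `latest` is a mutable tag, so the image that runs can
          # change between pulls without any change to this file. Pin a release
          # tag or an image digest to make the DNS resolver's code reviewable
          # and reproducible.
          image = "pihole/pihole:latest";

          # NOTE(review): no admin password is configured here, so the image's
          # own default applies - confirm the web UI is not left unauthenticated.
          # If one is added, supply it through `environmentFiles` rather than
          # inline: values written here end up in the world-readable Nix store.
          environment = {
            "TZ" = "Europe/London";
          };

          # Persistent state lives on the host under /media/pihole and is
          # mounted read-write into the container.
          volumes = [
            "/media/pihole/etc-dnsmasq.d:/etc/dnsmasq.d:rw"
            "/media/pihole/etc-pihole:/etc/pihole:rw"
          ];

          # NOTE(review): with no host address given, Docker publishes each of
          # these on every host interface, and Docker's own packet-filter rules
          # generally take effect regardless of the NixOS firewall settings.
          #  - 53/tcp+udp: make sure the host is not reachable from untrusted
          #    networks, otherwise this is an open resolver.
          #  - 8082 -> 80: the web admin UI. nginx below already proxies to
          #    localhost:8082; if the UI is meant to be reached only through
          #    nginx, publish it as "127.0.0.1:8082:80/tcp" so it cannot be
          #    reached directly from the LAN.
          ports = [
            "53:53/tcp"
            "53:53/udp"
            "67:67/udp"
            "8082:80/tcp"
          ];

          log-driver = "journald";

          # NOTE(review): NET_ADMIN lets the container reconfigure networking in
          # its namespace. Pi-hole documents it as needed for its DHCP server;
          # if DHCP (port 67) is not used, drop both the capability and the
          # port mapping.
          extraOptions = [
            "--cap-add=NET_ADMIN"
            "--network-alias=pihole"
            "--network=pihole_default"
          ];
        };
      };
    };

    systemd = {
      services = {
        # Unit that oci-containers creates for the container above; extended
        # here with restart back-off and ordering against the network unit.
        "docker-pihole" = {
          serviceConfig = {
            # mkOverride 90 takes precedence over definitions made at the
            # default priority (100).
            Restart = lib.mkOverride 90 "always";
            RestartMaxDelaySec = lib.mkOverride 90 "1m";
            RestartSec = lib.mkOverride 90 "100ms";
            RestartSteps = lib.mkOverride 90 9;
          };
          # The container joins pihole_default, so that network must exist first.
          after = [ "docker-network-pihole_default.service" ];
          requires = [ "docker-network-pihole_default.service" ];
          partOf = [ "docker-compose-pihole-root.target" ];
          wantedBy = [ "docker-compose-pihole-root.target" ];
        };

        # One-shot unit that owns the lifetime of the user-defined bridge
        # network: created on start if missing, removed on stop.
        "docker-network-pihole_default" = {
          path = [ pkgs.docker ];
          serviceConfig = {
            Type = "oneshot";
            # Keep the unit "active" after the script exits so ExecStop runs
            # when the unit is stopped.
            RemainAfterExit = true;
            ExecStop = "docker network rm -f pihole_default";
          };
          script = ''
            docker network inspect pihole_default || docker network create pihole_default
          '';
          partOf = [ "docker-compose-pihole-root.target" ];
          wantedBy = [ "docker-compose-pihole-root.target" ];
        };
      };

      # Umbrella target so the container and its network start/stop together.
      targets."docker-compose-pihole-root" = {
        unitConfig = {
          Description = "Root target generated by compose2nix.";
        };
        wantedBy = [ "multi-user.target" ];
      };
    };

    # Reverse proxy for the admin UI. This only defines the virtual host; it
    # proxies over plain HTTP to the port published by the container.
    services.nginx.virtualHosts."pihole.localhost" = {
      locations."/".proxyPass = "http://localhost:8082/";
    };
  };
}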