satr14/nix-flake
1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

server host config for dns and share

Browse source
This commit is contained in:
Satria 2026-02-25 21:34:51 +07:00
commit bef8d4784c
7 changed files with 153 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

69
modules/system/homelab/dns.nix Normal file
View file

@ -0,0 +1,69 @@
{ homelab, ... }: {
services.adguardhome = {
enable = true;
host = "0.0.0.0";
port = 8088;
settings = {
dns = {
upstream_dns = [ "https://security.cloudflare-dns.com/dns-query" ];
bootstrap_dns = [ "1.1.1.2" "1.0.0.2" ];
};
querylog = {
interval = "2160h";
enabled = true;
};
filtering = {
blocking_mode = "null_ip";
protection_enabled = true;
safebrowsing_enabled = true;
parental_enabled = true;
rewrites_enabled = true;
filtering_enabled = true;
safe_search = {
enabled = true;
youtube = true;
google = true;
bing = true;
duckduckgo = true;
};
rewrites = map (host: { enabled = true; domain = host[0]; answer = host[1]; }) [
[ "router.dns.${homelab.domain}" "10.3.14.1" ]
[ "main.dns.${homelab.domain}" "10.3.14.42" ]
[ "websites.dns.${homelab.domain}" "10.3.14.36" ]
[ "games.dns.${homelab.domain}" "10.3.14.37" ]
[ "media.dns.${homelab.domain}" "10.3.14.55" ]
[ "workspace.dns.${homelab.domain}" "10.3.14.57" ]
[ "server.dns.${homelab.domain}" "10.3.14.69" ]
[ "home.dns.${homelab.domain}" "10.3.14.235" ]
[ "nas.dns.${homelab.domain}" "10.3.14.217" ]
[ "proxy.${homelab.domain}" "10.3.14.120" ]
[ "*.proxy.${homelab.domain}" "proxy.${homelab.domain}" ]
[ "lancache.steamcontent.com" "main.dns.${homelab.domain}" ]
[ "steam.cache.lancache.net" "main.dns.${homelab.domain}" ]
];
};
filters = map (url: { enabled = true; url = url; }) [
"https://adaway.org/hosts.txt"
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_10.txt"
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_42.txt"
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_31.txt"
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_11.txt"
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt"
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_59.txt"
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_30.txt"
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_50.txt"
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_12.txt"
"https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt"
"https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt"
"https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
"https://v.firebog.net/hosts/static/w3kbl.txt"
"https://v.firebog.net/hosts/Prigent-Ads.txt"
"https://v.firebog.net/hosts/Admiral.txt"
"https://someonewhocares.org/hosts/hosts"
];
whitelist_filters = map (url: { enabled = true; url = url; }) [
"https://gist.githubusercontent.com/mul14/eb05e88fcec5bb195cbb/raw/75a1fe122a4502e8d5a5268c9d0ec28332b19d5d/hosts"
];
};
};
}

38
modules/system/homelab/share.nix Normal file
View file

@ -0,0 +1,38 @@
{ ... }: {
services = {
httpd = {
enable = true;
virtualHosts."cdn" = {
listen = [{ ip = "*"; port = 3000; }];
documentRoot = "/srv/dev-disk-by-uuid-f1ee1d17-e852-4e02-ae86-eaf6116a2aeb/NAS";
extraConfig = ''
Options +Indexes +FollowSymLinks
Require all granted
'';
};
};
samba = {
enable = true;
settings = {
global = {
workgroup = "WORKGROUP";
"disable netbios" = "yes";
"allow insecure wide links" = "yes";
"server min protocol" = "SMB2_02";
};
"NAS" = {
path = "/srv/dev-disk-by-uuid-f1ee1d17-e852-4e02-ae86-eaf6116a2aeb/NAS/";
browseable = "yes";
"read only" = "no";
"create mask" = "0664";
"force create mode" = "0664";
"directory mask" = "0775";
"force directory mode" = "0775";
"follow symlinks" = "yes";
"wide links" = "yes";
};
};
};
};
}

9
modules/system/server.nix Normal file
View file

@ -0,0 +1,9 @@
{ ... }: {
imports = [
./homelab/share.nix
./homelab/dns.nix
./base.nix
];
services.openssh.enable = true;
}