From f44f8346f4c890aa3e998ff039b6b6898b3f2ea5 Mon Sep 17 00:00:00 2001
From: Eli Ribble
Date: Fri, 16 Aug 2024 17:49:32 -0700
Subject: [PATCH] Get pihole listening on the local IPv4 and IPv6 addresses. I'm not sure if the defaultNetwork subnet changes are necessary, I was trying lots of stuff. There are some whitespace changes as well, don't get distracted by them. Most critically the --network=bridge is and the dns_enabled=false avoid starting the aardvark-dns thing that podman does for internal dns on port 53 and make it so the container gets the IPv6 address for listening to incoming requests.
---
 quinn/etc/nixos/configuration.nix | 26 +++++++++++++++++++-------
 1 file changed, 19 insertions(+), 7 deletions(-)
diff --git a/quinn/etc/nixos/configuration.nix b/quinn/etc/nixos/configuration.nix
index fa0b703..4064942 100644
--- a/quinn/etc/nixos/configuration.nix
+++ b/quinn/etc/nixos/configuration.nix
@@ -305,23 +305,35 @@
 autoStart = true;
 environment = {
 TZ = "America/Phoenix";
- DNSMASQ_LISTENING = "all";
+ DNSMASQ_LISTENING = "all";
 };
+ extraOptions = ["--network=bridge"];
 image = "docker.io/pihole/pihole:2024.07.0";
 ports = [
- "192.168.1.5:53:53/tcp"
- "192.168.1.5:53:53/udp"
- "192.168.1.5:67:67"
- "127.0.0.1:10000:80"
+ "53:53/tcp"
+ "53:53/udp"
+ "67:67"
+ "127.0.0.1:10000:80"
 ];
 volumes = [
 "/etc/pihole/config:/etc/pihole"
- "/etc/pihole/dnsmasq.d:/etc/dnsmasq.d"
+ "/etc/pihole/dnsmasq.d:/etc/dnsmasq.d"
 ];
 };
 };
 virtualisation.podman.enable = true;
 virtualisation.podman.dockerSocket.enable = true;
- virtualisation.podman.defaultNetwork.settings.dns_enabled = true;
+ virtualisation.podman.defaultNetwork.settings = {
+ dns_enabled = false;
+ ipv6_enabled = true;
+ subnets = [{
+ gateway = "10.88.0.1";
+ subnet = "10.88.0.0/16";
+ }
+ {
+ gateway = "fd00::1:8:1";
+ subnet = "fd00::1:8:0/122";
+ }];
+ };
 }
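Review bot: The new `ports` entries `"53:53/tcp"`, `"53:53/udp"` and `"67:67"` drop the `192.168.1.5` host address, so podman publishes them on every host interface, and with `DNSMASQ_LISTENING = "all"` the resolver will answer any client that can reach the host. If this machine has any interface beyond the trusted LAN (a WAN uplink, a VPN, a globally routable IPv6 prefix), that amounts to an open resolver; published container ports are DNAT-ed and may not be covered by the host's input firewall rules, so the exposure is worth verifying rather than assuming. Consider keeping the IPv4 bind and adding explicit IPv6 ones such as `"[HOST_LAN_IPV6]:53:53/udp"` (placeholder address), or restricting port 53 to the LAN interface in the firewall. Separately, `"67:67"` names no protocol and podman defaults to TCP while DHCP uses UDP, so `"67:67/udp"` is probably what is meant.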