Pi-hole is a DNS service that functions as a network ad blocker.

Minimal Configuration Example

services.pihole-ftl = {
  enable = true;
  openFirewallDNS = true;    # Open port 53 (DNS traffic)
  settings = {               # See <https://docs.pi-hole.net/ftldns/configfile/>
    dns.upstreams = [ "9.9.9.9" "1.1.1.1" ];   # Use Quad9/Cloudflare's DNS Servers
    dns.hosts = [ "192.168.1.188 some.domain" ];   # Optionally resolve local domains
  };
};

You can test that it is working:

  systemctl status pihole-ftl.service
  dig @localhost nixos.org

Now, setting your router's DNS server to this host's IP address will direct your traffic to the Pi-hole. Blocked domains will not be resolved.
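
The following check script is an added example, not part of the original page. It extends the test above to confirm that blocking works as well as normal resolution. It assumes dig is installed, that Pi-hole is in its default blocking mode (blocked names are answered with the null address), and that you pass a domain you know is on one of your enabled lists; the function names are illustrative.

```shell
#!/bin/sh
# Added example: end-to-end check of a Pi-hole resolver.
# Assumptions: dig is installed, Pi-hole uses its default blocking mode,
# and the third argument is a domain on one of your enabled blocklists.

# classify_answer TEXT
# TEXT is the output of `dig +short`. Prints one of:
#   blocked    every record is the null address (0.0.0.0 or ::)
#   resolved   at least one real record came back
#   no-answer  nothing usable (NXDOMAIN, NODATA, or the query failed)
classify_answer() {
    # Drop dig's ";; ..." diagnostics (for example timeouts) and blank
    # lines so they are not mistaken for records.
    records=$(printf '%s\n' "$1" | sed -e '/^;/d' -e '/^$/d')
    if [ -z "$records" ]; then
        echo "no-answer"
        return 0
    fi
    # grep -v selects lines that are NOT a null address; any such line
    # means a real answer was returned.
    if printf '%s\n' "$records" | grep -Evq '^(0\.0\.0\.0|::)$'; then
        echo "resolved"
    else
        echo "blocked"
    fi
}

# check_pihole SERVER GOOD_DOMAIN BLOCKED_DOMAIN
# Succeeds only if GOOD_DOMAIN resolves and BLOCKED_DOMAIN is blocked.
check_pihole() {
    good=$(classify_answer "$(dig +short +time=2 +tries=1 @"$1" "$2" A 2>&1)")
    bad=$(classify_answer "$(dig +short +time=2 +tries=1 @"$1" "$3" A 2>&1)")
    echo "$2: $good"
    echo "$3: $bad"
    [ "$good" = "resolved" ] && [ "$bad" = "blocked" ]
}

# Runs only when called with three arguments, e.g.:
#   sh check-pihole.sh <pihole-ip> nixos.org <domain-from-your-blocklist>
if [ "$#" -eq 3 ]; then
    check_pihole "$@"
fi
```

A "no-answer" result for the blocked domain usually means a non-default blocking mode or an unreachable server, so check the service status before concluding that the list is not applied.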

Adding lists

services.pihole-ftl = {
  lists = [    # Lists can be added via URL
    {
      url = "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/pro.txt";
      type = "block";
      enabled = true;
      description = "Sample blocklist by hagezi";
    }
  ];
};
services.pihole-web = { # If lists are enabled then pihole-web must be configured
  enable = true;
  ports = [ "443s" ];
};

Now you can access the Pi-hole web interface at https://localhost:443