Jump to content

Pi-Hole

From Official NixOS Wiki

Pi-Hole is a DNS service that functions as network ad-blocker.

Minimal Configuration Example

services.pihole-ftl = {
  enable = true;
  settings = {
    # See <https://docs.pi-hole.net/ftldns/configfile/>

    # External DNS Servers quad9 and cloudflare
    dns.upstreams = [ "9.9.9.9" "1.1.1.1" ];

    # Optionally resolve local hosts (domain is optional)
    dns.hosts = [ "192.168.1.188 hostname.domain" ];
  };
};

You can test if it's working 

$ systemctl status pihole-ftl.service
$ nslookup nixos.org localhost
$ nslookup hostname.domain localhost

Adding lists and enabling web interface

services.pihole-ftl = {
  enable = true;
  settings = {
    # See <https://docs.pi-hole.net/ftldns/configfile/>

    # External DNS Servers quad9 and cloudflare
    dns.upstreams = [ "9.9.9.9" "1.1.1.1" ];

    # Optionally resolve local hosts (domain is optional)
    dns.hosts = [ "192.168.1.188 hostname.domain" ];
  };

  lists = [    # Lists can be added via URL
    {
      url = "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/pro.txt";
      type = "block";
      enabled = true;
      description = "hagezi blocklist";
    }
  ];
};

services.pihole-web = {
  enable = true;
  ports = [ "443s" ];
};

Now blocked domains will not be resolved and you can access pihole web interface at https://localhost:443

Retrieved from "https://wiki.nixos.org/w/index.php?title=Pi-Hole&oldid=30169"