abaduh/adguard.nix

{
  config,
  lib,
  ...
}:
with lib; let
  cfg = config.services.adguardhome;
in {
    enable = true;
    openFirewall = true;
    port = 8753;
    settings = {
      http = {address = "127.0.0.1:${toString port}";};
      filtering = {
        rewrites = mapAttrsToList (domain: answer: {inherit domain answer;}) {
          "abaduh.local" = "100.86.139.22";
          "*.abaduh.local" = "100.86.139.22";
        };
      };
      filters =
        imap (id: url: {
          enabled = true;
          inherit id url;
        }) [
          "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/pro.txt"
          "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/hoster.txt"
          "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/doh-vpn-proxy-bypass.txt"
          "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/dyndns.txt"
          "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/gambling.txt"
          "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/native.lgwebos.txt"
          "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/hosts/native.tiktok.extended.txt"
          "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/native.winoffice.txt"
          "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/popupads.txt"
          "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/tif.txt"
        ];
      user_rules = [
        "@@||neocities.org^$important"
        "@@||tailscale.com^$important"
        "@@||torproject.org^$important"
        "@@||tumblr.com^$important"
        "@@||wordpress.com^$important"
      ];
    };
  };

  services.caddy.virtualHosts."adguard.abaduh.local" = {
    extraConfig = ''
      reverse_proxy http://localhost:${toString cfg.port}
      tls internal
    '';
  };

  # Ports needed to access the DNS resolver
  networking.firewall.allowedTCPPorts = [53];
  networking.firewall.allowedUDPPorts = [53 51820];
}
refactor: use list to declare filters 2025-09-13 22:10:27 -03:00			`{`
			`config,`
			`lib,`
			`...`
			`}:`
			`with lib; let`
			`cfg = config.services.adguardhome;`
			`in {`
feat: simplify configuration 2025-09-13 11:28:42 -03:00			`enable = true;`
			`openFirewall = true;`
			`port = 8753;`
			`settings = {`
feat: local abaduh.local domain for local services 2025-09-13 22:11:06 -03:00			`http = {address = "127.0.0.1:${toString port}";};`
			`filtering = {`
			`rewrites = mapAttrsToList (domain: answer: {inherit domain answer;}) {`
			`"abaduh.local" = "100.86.139.22";`
			`"*.abaduh.local" = "100.86.139.22";`
			`};`
			`};`
feat: simplify configuration 2025-09-13 11:28:42 -03:00			`filters =`
refactor: use list to declare filters 2025-09-13 22:10:27 -03:00			`imap (id: url: {`
feat: simplify configuration 2025-09-13 11:28:42 -03:00			`enabled = true;`
refactor: use list to declare filters 2025-09-13 22:10:27 -03:00			`inherit id url;`
			`}) [`
			`"https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/pro.txt"`
			`"https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/hoster.txt"`
			`"https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/doh-vpn-proxy-bypass.txt"`
			`"https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/dyndns.txt"`
			`"https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/gambling.txt"`
			`"https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/native.lgwebos.txt"`
			`"https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/hosts/native.tiktok.extended.txt"`
			`"https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/native.winoffice.txt"`
			`"https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/popupads.txt"`
			`"https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/tif.txt"`
			`];`
feat: simplify configuration 2025-09-13 11:28:42 -03:00			`user_rules = [`
refactor: use list to declare filters 2025-09-13 22:10:27 -03:00			`"@@\|\|neocities.org^$important"`
feat: simplify configuration 2025-09-13 11:28:42 -03:00			`"@@\|\|tailscale.com^$important"`
			`"@@\|\|torproject.org^$important"`
refactor: use list to declare filters 2025-09-13 22:10:27 -03:00			`"@@\|\|tumblr.com^$important"`
			`"@@\|\|wordpress.com^$important"`
feat: simplify configuration 2025-09-13 11:28:42 -03:00			`];`
			`};`
			`};`

feat: local abaduh.local domain for local services 2025-09-13 22:11:06 -03:00			`services.caddy.virtualHosts."adguard.abaduh.local" = {`
			`extraConfig = ''`
			`reverse_proxy http://localhost:${toString cfg.port}`
			`tls internal`
			`'';`
			`};`

feat: simplify configuration 2025-09-13 11:28:42 -03:00			`# Ports needed to access the DNS resolver`
			`networking.firewall.allowedTCPPorts = [53];`
			`networking.firewall.allowedUDPPorts = [53 51820];`
			`}`