rope/nixos
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make AdGuard settings authoritative; add busybox; drop fallback DNS

Browse source 
- services/adguard.nix: mutableSettings = false so Nix config overrides
  UI-made changes on rebuild (settings are the source of truth)
- common.nix: add busybox for its collection of handy utilities
- common.nix: remove networking.nameservers — DNS now comes purely from
  per-host NetworkManager config (AdGuard as the only resolver, no leaks)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
ediblerope 2026-04-22 19:57:55 +01:00
parent b7aa8e20ef
commit a825e36e2e
2 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
common.nix
View file

@ -67,7 +67,6 @@
# Enable network-manager
networking.networkmanager.enable = true;
networking.nameservers = [ "1.1.1.1" "9.9.9.9" ];
# Fish shell
programs.fish.enable = true;
@ -87,5 +86,6 @@
git
localsend
nvd
busybox
];
}

4
services/adguard.nix
View file

@ -8,8 +8,8 @@
# Web UI bound to localhost; nginx reverse-proxies at adguard.nordhammer.it
host = "127.0.0.1";
port = 3000;
# Allow UI changes (blocklists, rules, clients) to persist
mutableSettings = true;
# Nix is authoritative: settings below overwrite UI-made changes on rebuild
mutableSettings = false;
settings = {
dns = {
bind_hosts = [ "0.0.0.0" ];