From af7de46bf5bb0c1d084f9b91e7e77c38c539087e Mon Sep 17 00:00:00 2001
From: Andrea Ciceri <andrea.ciceri@autistici.org>
Date: Mon, 28 Apr 2025 22:22:02 +0200
Subject: [PATCH 1/2] Fix `adguard-home` and use both for DNS and DHCP

---
 modules/adguard-home/default.nix | 34 ++++++++++++++++++++++++++------
 1 file changed, 28 insertions(+), 6 deletions(-)

diff --git a/modules/adguard-home/default.nix b/modules/adguard-home/default.nix
index 4020c07..8c4451e 100644
--- a/modules/adguard-home/default.nix
+++ b/modules/adguard-home/default.nix
@@ -1,18 +1,40 @@
-{ config, ... }:
+{ config, lib, ... }:
 {
   services.adguardhome = {
     enable = true;
-    port = 3000;
     mutableSettings = true;
     settings = {
-      openFirewall = true;
+      dhcp = {
+        enabled = true;
+        interface_name = "enP4p65s0";
+
+        dhcpv4 = {
+          gateway_ip = "10.1.1.1";
+          range_start = "10.1.1.2";
+          range_end = "10.1.1.255";
+          subnet_mask = "255.255.255.0";
+        };
+      };
+      dns = {
+        upstream_dns = [
+          "https://dns10.quad9.net/dns-query"
+        ];
+
+        bind_hosts = [
+          "127.0.0.1"
+          "10.1.1.2"
+        ];
+      };
     };
   };
-  networking.firewall.allowedTCPPorts = [
-    3000
+
+  systemd.services.adguardhome.serviceConfig.DynamicUser = lib.mkForce false;
+
+  networking.firewall.allowedUDPPorts = [
     53
+    67
   ];
-  networking.firewall.allowedUDPPorts = [ 53 ];
+  networking.firewall.allowedTCPPorts = [ 53 ];
   environment.persistence."/persist".directories = [
     "/var/lib/AdGuardHome"
   ];

From 350c745cf1260ce934363a7fffa771a787867db1 Mon Sep 17 00:00:00 2001
From: Andrea Ciceri <andrea.ciceri@autistici.org>
Date: Mon, 28 Apr 2025 22:22:17 +0200
Subject: [PATCH 2/2] Enable `adguard-home` on `sisko`

---
 hosts/sisko/default.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hosts/sisko/default.nix b/hosts/sisko/default.nix
index 50e3cc2..0beb993 100644
--- a/hosts/sisko/default.nix
+++ b/hosts/sisko/default.nix
@@ -34,6 +34,7 @@
       "zerotier"
       "mosh"
       "amule"
+      "adguard-home"
     ]
     ++ [
       ./disko.nix