pihole: init at various (#361571)

  "module-services-opencloud-basic-usage": [

    "index.html#module-services-opencloud-basic-usage"

  ],

  "module-services-networking-pihole-ftl-configuration-inherit-dnsmasq": [

    "index.html#module-services-networking-pihole-ftl-configuration-inherit-dnsmasq"

  ],

  "module-services-networking-pihole-ftl-configuration-multiple-interfaces": [

    "index.html#module-services-networking-pihole-ftl-configuration-multiple-interfaces"

  ],

  "module-services-strfry": [

    "index.html#module-services-strfry"

  ],

  "module-services-input-methods-kime": [

    "index.html#module-services-input-methods-kime"

  ],

  "module-services-networking-pihole-ftl": [

    "index.html#module-services-networking-pihole-ftl"

  ],

  "module-services-networking-pihole-ftl-administration": [

    "index.html#module-services-networking-pihole-ftl-administration"

  ],

  "module-services-networking-pihole-ftl-configuration": [

    "index.html#module-services-networking-pihole-ftl-configuration"

  ],

  "module-services-web-apps-pihole-web": [

    "index.html#module-services-web-apps-pihole-web"

  ],

  "module-services-web-apps-pihole-web-configuration": [

    "index.html#module-services-web-apps-pihole-web-configuration"

  ],

  "ch-profiles": [

    "index.html#ch-profiles"

  ],

- [gtklock](https://github.com/jovanlanik/gtklock), a GTK-based lockscreen for Wayland. Available as [programs.gtklock](#opt-programs.gtklock.enable).

- [Chrysalis](https://github.com/keyboardio/Chrysalis), a graphical configurator for Kaleidoscope-powered keyboards. Available as [programs.chrysalis](#opt-programs.chrysalis.enable).

- [Pi-hole](https://pi-hole.net/), a DNS sinkhole for advertisements based on Dnsmasq. Available as [services.pihole-ftl](#opt-services.pihole-ftl.enable), and [services.pihole-web](#opt-services.pihole-web.enable) for the web GUI and API.

- [FileBrowser](https://filebrowser.org/), a web application for managing and sharing files. Available as [services.filebrowser](#opt-services.filebrowser.enable).

- [LACT](https://github.com/ilya-zlobintsev/LACT), a GPU monitoring and configuration tool, can now be enabled through [services.lact.enable](#opt-services.lact.enable).

  ./services/networking/pdnsd.nix

  ./services/networking/peroxide.nix

  ./services/networking/picosnitch.nix

  ./services/networking/pihole-ftl.nix

  ./services/networking/pixiecore.nix

  ./services/networking/pleroma.nix

  ./services/networking/powerdns.nix

  ./services/web-apps/photoprism.nix

  ./services/web-apps/phylactery.nix

  ./services/web-apps/pict-rs.nix

  ./services/web-apps/pihole-web.nix

  ./services/web-apps/pingvin-share.nix

  ./services/web-apps/pixelfed.nix

  ./services/web-apps/plantuml-server.nix

        '';

      };

      configFile = lib.mkOption {

        type = lib.types.package;

        default = dnsmasqConf;

        internal = true;

      };

    };

  };

      serviceConfig = {

        Type = "dbus";

        BusName = "uk.org.thekelleys.dnsmasq";

        ExecStart = "${dnsmasq}/bin/dnsmasq -k --enable-dbus --user=dnsmasq -C ${dnsmasqConf}";

        ExecStart = "${dnsmasq}/bin/dnsmasq -k --enable-dbus --user=dnsmasq -C ${cfg.configFile}";

        ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";

        PrivateTmp = true;

        ProtectSystem = true;

{

  cfg,

  config,

  lib,

  pkgs,

}:

let

  pihole = pkgs.pihole;

  makePayload =

    list:

    builtins.toJSON {

      inherit (list) type enabled;

      address = list.url;

      comment = list.description;

    };

  payloads = map makePayload cfg.lists;

in

''

  # Can't use -u (unset) because api.sh uses API_URL before it is set

  set -eo pipefail

  pihole="${lib.getExe pihole}"

  jq="${lib.getExe pkgs.jq}"

  # If the database doesn't exist, it needs to be created with gravity.sh

  if [ ! -f '${cfg.stateDirectory}'/gravity.db ]; then

    $pihole -g

    # Send SIGRTMIN to FTL, which makes it reload the database, opening the newly created one

    ${pkgs.procps}/bin/kill -s SIGRTMIN $(systemctl show --property MainPID --value ${config.systemd.services.pihole-ftl.name})

  fi

  source ${pihole}/usr/share/pihole/advanced/Scripts/api.sh

  source ${pihole}/usr/share/pihole/advanced/Scripts/utils.sh

  any_failed=0

  addList() {

    local payload="$1"

    echo "Adding list: $payload"

    local result=$(PostFTLData "lists" "$payload")

    local error="$($jq '.error' <<< "$result")"

    if [[ "$error" != "null" ]]; then

        echo "Error: $error"

        any_failed=1

        return

    fi

    id="$($jq '.lists.[].id?' <<< "$result")"

    if [[ "$id" == "null" ]]; then

        any_failed=1

        error="$($jq '.processed.errors.[].error' <<< "$result")"

        echo "Error: $error"

        return

    fi

    echo "Added list ID $id: $result"

  }

  for i in 1 2 3; do

    (TestAPIAvailability) && break

    echo "Retrying API shortly..."

    ${pkgs.coreutils}/bin/sleep .5s

  done;

  LoginAPI

  ${builtins.concatStringsSep "\n" (

    map (

      payload:

      lib.pipe payload [

        lib.strings.escapeShellArg

        (payload: "addList ${payload}")

      ]

    ) payloads

  )}

  # Run gravity.sh to load any new lists

  $pihole -g

  exit $any_failed

''