Set up pihole. Updates

machines/cj/configuration.nix

@@ -7,6 +7,10 @@
       ./hardware-configuration-zfs.nix
     ];
 
+  nixpkgs.config.permittedInsecurePackages = [
+    "electron-27.3.11"
+  ];
+
   # This lets us pin the nixpkgs registry by default to the nixpkgs used to build this system.
   # Doing this means we are less likely to require the 30+MB download when
   # running commands like nix search or nix run
@@ -75,11 +79,13 @@
     wireless = {
       enable = false; # turn of wifi until needed
       userControlled.enable = true;
-      environmentFile = "/run/secrets/wifi/env";
+      #environmentFile = "/run/secrets/wifi/env";
+      secretsFile = "/run/secrets/wifi/env";
       networks = {
-        "@SSID_HOME@" = {
+        home.pskRaw = "ext:PSKRAW_HOME";
-          pskRaw = "@PSKRAW_HOME@";
+        #"@SSID_HOME@" = {
-        };
+          #pskRaw = "@PSKRAW_HOME@";
+        #};
       };
     };
     firewall = import ./firewall.nix;
@@ -95,9 +101,6 @@
   #};
   hardware.bluetooth.enable = false;
 
-  # Enable sound.
-  sound.enable = false;
-
   # Define a user account. Don't forget to set a password with ‘passwd’.
   users.users.jacob = {
     isNormalUser = true;
@@ -194,7 +197,11 @@
 
     syncthing = import ./syncthing.nix;
 
-    tailscale.enable = true;
+    tailscale = {
+      enable = true;
+      extraUpFlags = "--accept-dns=false";
+      openFirewall = true;
+    };
 
     timesyncd.enable = true;
 

machines/cj/pihole.nix

@@ -1,9 +1,9 @@
 { serverIP, serverIP6 } : {
-  image = "pihole/pihole:2025.04.0";
+  image = "pihole/pihole:2025.06.2";
   ports = [
     "53:53/tcp"
     "53:53/udp"
-    #"8088:80"
+    "8585:80"
     #"4438:443"
   ];
   environment = {
@@ -24,7 +24,7 @@
   ];
   extraOptions = [
     #"--cap-add=NET_ADMIN"
-    "--network=host"
+    #"--network=host"
     "--no-hosts" # do not populate internal /etc/hosts with container host's
   ];
 }