nixpkgs/nixos/modules/services/networking/pihole-ftl-setup-script.nix

{
  cfg,
  config,
  lib,
  pkgs,
}:

let
  pihole = pkgs.pihole;
  makePayload =
    list:
    builtins.toJSON {
      inherit (list) type enabled;
      address = list.url;
      comment = list.description;
    };
  payloads = map makePayload cfg.lists;
in
''
  # Can't use -u (unset) because api.sh uses API_URL before it is set
  set -eo pipefail
  pihole="${lib.getExe pihole}"
  jq="${lib.getExe pkgs.jq}"

  # If the database doesn't exist, it needs to be created with gravity.sh
  if [ ! -f '${cfg.stateDirectory}'/gravity.db ]; then
    $pihole -g
    # Send SIGRTMIN to FTL, which makes it reload the database, opening the newly created one
    ${lib.getExe' pkgs.procps "kill"} -s SIGRTMIN $(systemctl show --property MainPID --value ${config.systemd.services.pihole-ftl.name})
  fi

  source ${pihole}/usr/share/pihole/advanced/Scripts/api.sh
  source ${pihole}/usr/share/pihole/advanced/Scripts/utils.sh

  any_failed=0

  addList() {
    local payload="$1"

    echo "Adding list: $payload"
    local result=$(PostFTLData "lists" "$payload")

    local error="$($jq '.error' <<< "$result")"
    if [[ "$error" != "null" ]]; then
        echo "Error: $error"
        any_failed=1
        return
    fi

    id="$($jq '.lists.[].id?' <<< "$result")"
    if [[ "$id" == "null" ]]; then
        any_failed=1
        error="$($jq '.processed.errors.[].error' <<< "$result")"
        echo "Error: $error"
        return
    fi

    echo "Added list ID $id: $result"
  }

  for i in 1 2 3; do
    (TestAPIAvailability) && break
    echo "Retrying API shortly..."
    ${lib.getExe' pkgs.coreutils "sleep"} .5s
  done;

  LoginAPI

  ${builtins.concatStringsSep "\n" (
    map (
      payload:
      lib.pipe payload [
        lib.strings.escapeShellArg
        (payload: "addList ${payload}")
      ]
    ) payloads
  )}

  # Run gravity.sh to load any new lists
  $pihole -g
  exit $any_failed
''
nixos/pihole-ftl: init Add a module for pihole-ftl, which allows declaratively defining the pihole.toml config file. Also provide options for adlists to use, which can be added through the pihole script (packaged as "pihole"). Other state such as clients and groups require complex database operations, which is normally performed by the pihole webapp (packaged as "pihole-web"). Extend the dnsmasq module to avoid duplication, since pihole-ftl is a soft-fork of dnsmasq which maintains compatibility. Provide the pihole script in `environment.systemPackages` so pihole-ftl can be easily administrated. 2025-04-28 22:22:01 +01:00			`{`
			`cfg,`
			`config,`
			`lib,`
			`pkgs,`
			`}:`

			`let`
			`pihole = pkgs.pihole;`
			`makePayload =`
			`list:`
			`builtins.toJSON {`
			`inherit (list) type enabled;`
			`address = list.url;`
			`comment = list.description;`
			`};`
			`payloads = map makePayload cfg.lists;`
			`in`
			`''`
			`# Can't use -u (unset) because api.sh uses API_URL before it is set`
			`set -eo pipefail`
			`pihole="${lib.getExe pihole}"`
			`jq="${lib.getExe pkgs.jq}"`

			`# If the database doesn't exist, it needs to be created with gravity.sh`
			`if [ ! -f '${cfg.stateDirectory}'/gravity.db ]; then`
			`$pihole -g`
			`# Send SIGRTMIN to FTL, which makes it reload the database, opening the newly created one`
pihole-ftl: update 6.1 -> 6.2.2 Apply some review suggestions by @dotlambda 2025-06-07 17:33:29 +01:00			`${lib.getExe' pkgs.procps "kill"} -s SIGRTMIN $(systemctl show --property MainPID --value ${config.systemd.services.pihole-ftl.name})`
nixos/pihole-ftl: init Add a module for pihole-ftl, which allows declaratively defining the pihole.toml config file. Also provide options for adlists to use, which can be added through the pihole script (packaged as "pihole"). Other state such as clients and groups require complex database operations, which is normally performed by the pihole webapp (packaged as "pihole-web"). Extend the dnsmasq module to avoid duplication, since pihole-ftl is a soft-fork of dnsmasq which maintains compatibility. Provide the pihole script in `environment.systemPackages` so pihole-ftl can be easily administrated. 2025-04-28 22:22:01 +01:00			`fi`

			`source ${pihole}/usr/share/pihole/advanced/Scripts/api.sh`
			`source ${pihole}/usr/share/pihole/advanced/Scripts/utils.sh`

			`any_failed=0`

			`addList() {`
			`local payload="$1"`

			`echo "Adding list: $payload"`
			`local result=$(PostFTLData "lists" "$payload")`

			`local error="$($jq '.error' <<< "$result")"`
			`if [[ "$error" != "null" ]]; then`
			`echo "Error: $error"`
			`any_failed=1`
			`return`
			`fi`

			`id="$($jq '.lists.[].id?' <<< "$result")"`
			`if [[ "$id" == "null" ]]; then`
			`any_failed=1`
			`error="$($jq '.processed.errors.[].error' <<< "$result")"`
			`echo "Error: $error"`
			`return`
			`fi`

			`echo "Added list ID $id: $result"`
			`}`

			`for i in 1 2 3; do`
			`(TestAPIAvailability) && break`
			`echo "Retrying API shortly..."`
pihole-ftl: update 6.1 -> 6.2.2 Apply some review suggestions by @dotlambda 2025-06-07 17:33:29 +01:00			`${lib.getExe' pkgs.coreutils "sleep"} .5s`
nixos/pihole-ftl: init Add a module for pihole-ftl, which allows declaratively defining the pihole.toml config file. Also provide options for adlists to use, which can be added through the pihole script (packaged as "pihole"). Other state such as clients and groups require complex database operations, which is normally performed by the pihole webapp (packaged as "pihole-web"). Extend the dnsmasq module to avoid duplication, since pihole-ftl is a soft-fork of dnsmasq which maintains compatibility. Provide the pihole script in `environment.systemPackages` so pihole-ftl can be easily administrated. 2025-04-28 22:22:01 +01:00			`done;`

			`LoginAPI`

			`${builtins.concatStringsSep "\n" (`
			`map (`
			`payload:`
			`lib.pipe payload [`
			`lib.strings.escapeShellArg`
			`(payload: "addList ${payload}")`
			`]`
			`) payloads`
			`)}`

			`# Run gravity.sh to load any new lists`
			`$pihole -g`
			`exit $any_failed`
			`''`