From 9e407cd78f18cfa9cd0aa296c7eddf288a3433ec Mon Sep 17 00:00:00 2001
From: roxwize <rae@roxwize.xyz>
Date: Fri, 7 Mar 2025 21:21:47 -0500
Subject: [PATCH] ~

---
 nixos/docker/pihole/default.nix | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/nixos/docker/pihole/default.nix b/nixos/docker/pihole/default.nix
index 6db7be9..f587c6d 100644
--- a/nixos/docker/pihole/default.nix
+++ b/nixos/docker/pihole/default.nix
@@ -3,21 +3,29 @@
 in with lib; {
 	options.r5e.containers.pihole = {
 		enable = mkEnableOption "pihole";
+		openFirewall = mkOption {
+			type = types.bool;
+			default = false;
+		};
 		api-password = mkOption {
-			type = types.string;
+			type = types.str;
 			default = "";
 		};
 	};
 
-	config = mkIf cfg.enable mkMerge [
+	config = mkIf cfg.enable (mkMerge [
 		(import ./docker-compose.nix { inherit pkgs lib; })
 		{
 			virtualisation.oci-containers.containers.pihole = {
 				environment = {
 					TZ = config.time.timeZone;
-					FTLCONF_webserver_api_password = mkIf (cfg.api-password != null) cfg.api-password;
+					FTLCONF_webserver_api_password = mkIf (cfg.api-password != "") cfg.api-password;
 				};
 			};
+
+			networking.firewall = mkIf cfg.openFirewall {
+				allowedTCPPorts = [ 53 80 443 ];
+			};
 		}
-	];
+	]);
 }
\ No newline at end of file