From 269876c51c7a4c2fd8e44ad5b4044053f90cba82 Mon Sep 17 00:00:00 2001
From: Cyberes <cyberes@evulid.cc>
Date: Mon, 26 Feb 2024 14:43:04 -0700
Subject: [PATCH] update readme and service

---
 README.md                    | 28 ++++++++++++++++++++++++----
 pihole-opnsense-sync.service |  5 +++--
 2 files changed, 27 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index b7b4319..08961bd 100644
--- a/README.md
+++ b/README.md
@@ -1,9 +1,29 @@
 # pihole-opnsense-sync
+
 _Sync custom DNS entries in Pi-hole to OPNsense Unbound._
 
 ## Install
-```shell
-pip install -r requirements.txt
-```
 
-Then get your API auth details.
+1. Install pip requirements:
+    ```shell
+    pip install -r requirements.txt
+    ```
+2. Create your secrets file at `/etc/secrets/pihole-opnsense-sync` with your API details:
+    ```bash
+   OPNSENSE_API_KEY='...'
+   OPNSENSE_API_SECRET='...'
+   ```
+3. Set the permissions on this file:
+    ```shell
+   sudo chown root:root /etc/secrets/pihole-opnsense-sync
+   sudo chmod 600 /etc/secrets/pihole-opnsense-sync
+   ```
+4. Copy the systemd service file:
+   ```shell
+   sudo cp pihole-opnsense-sync.service /etc/systemd/system/pihole-opnsense-sync.service
+   ```
+5. Enable and start the service:
+   ```shell
+   sudo systemctl enable --now pihole-opnsense-sync
+   sudo systemctl status pihole-opnsense-sync
+   ```
\ No newline at end of file
diff --git a/pihole-opnsense-sync.service b/pihole-opnsense-sync.service
index 03bb6cc..9873c08 100644
--- a/pihole-opnsense-sync.service
+++ b/pihole-opnsense-sync.service
@@ -4,9 +4,10 @@ Description=Sync Pi-hole local DNS to OPNsense Unbound
 [Service]
 User=pihole
 Group=pihole
-ExecStart=/opt/icinga2-checks/Other/auto-acknowledge-apt.sh --api https://localhost:5665 --fail --user icingaweb2 --password XXXXX
+EnvironmentFile=/etc/secrets/pihole-opnsense-sync
+ExecStart=/opt/pihole-opnsense-sync/venv/bin/python /opt/pihole-opnsense-sync/syncer.py --opnsense https://192.168.1.1 --api-key ${OPNSENSE_API_KEY} --api-secret ${OPNSENSE_API_SECRET}
 SyslogIdentifier=pihole-opnsense-sync
 Restart=always
 
 [Install]
-WantedBy=multi-user.target
\ No newline at end of file
+WantedBy=multi-user.target