nix/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixes to local-network DNS

Browse Source
This commit is contained in:
Niten 2020-11-04 12:33:14 -06:00
parent ebba38a8ab
commit 64ad31ab4f
2 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
config/fudo/local-network.nix
View File

@ -70,7 +70,7 @@ in {
enable = mkEnableOption "Enable local network configuration (DHCP & DNS)."; enable = mkEnableOption "Enable local network configuration (DHCP & DNS).";
hosts = mkOption { hosts = mkOption {
type = with types; loaOf (submodule hostOpts); type = with types; attrsOf (submodule hostOpts);
default = {}; default = {};
description = "A map of hostname => { host_attributes }."; description = "A map of hostname => { host_attributes }.";
}; };
@ -101,7 +101,7 @@ in {
}; };
aliases = mkOption { aliases = mkOption {
type = with types; loaOf str; type = with types; attrsOf str;
default = {}; default = {};
description = "A mapping of host-alias => hostname to use on the local network."; description = "A mapping of host-alias => hostname to use on the local network.";
}; };
@ -245,10 +245,10 @@ in {
listenOn = cfg.dns-serve-ips; listenOn = cfg.dns-serve-ips;
extraOptions = concatStringsSep "\n" [ extraOptions = concatStringsSep "\n" [
"dnssec-enable yes;" "dnssec-enable yes;"
"dnssec-validation auto;" "dnssec-validation yes;"
"auth-nxdomain no;" "auth-nxdomain no;"
"recursion yes;" "recursion yes;"
"allow-recursion { ${cfg.network}; };" "allow-recursion { any; };"
]; ];
zones = [ zones = [
{ {

8
hosts/clunk.nix
View File

@ -33,7 +33,7 @@ in {
dns-servers = [ host-internal-ip ]; dns-servers = [ host-internal-ip ];
gateway = host-internal-ip; gateway = host-internal-ip;
dhcp-interfaces = [ "intif0" ]; dhcp-interfaces = [ "intif0" ];
dns-serve-ips = [ host-internal-ip "127.0.0.1" "127.0.1.1" ]; dns-serve-ips = [ host-internal-ip "127.0.0.1" "127.0.1.1" "::1" ];
# Using a pihole running in docker, see below # Using a pihole running in docker, see below
recursive-resolver = "${host-internal-ip} port 5353"; recursive-resolver = "${host-internal-ip} port 5353";
server-ip = host-internal-ip; server-ip = host-internal-ip;
@ -54,7 +54,7 @@ in {
firewall = { firewall = {
enable = true; enable = true;
trustedInterfaces = [ "intif0" ]; trustedInterfaces = [ "intif0" "docker0" ];
}; };
interfaces = { interfaces = {
@ -100,7 +100,9 @@ in {
enable = true; enable = true;
port = 53; port = 53;
upstream-dns = [ upstream-dns = [
"https://cloudflare-dns.com/dns-query" "https://1.1.1.1/dns-query"
"https://1.0.0.1/dns-query"
#"https://9.9.9.9/dns-query"
]; ];
bootstrap-dns = "1.1.1.1"; bootstrap-dns = "1.1.1.1";
listen-ips = [dns-proxy-ip]; listen-ips = [dns-proxy-ip];