Merge pull request #72987 from rnhmjoj/dnschain

nixos/dnschain: use forwardZonesRecurse in pdns-recursor
This commit is contained in:
Renaud 2019-11-29 19:56:21 +01:00 committed by GitHub
commit e37e7b413c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 3 deletions

View File

@ -137,7 +137,7 @@ in
];
services.pdns-recursor = mkIf cfgs.pdns-recursor.resolveDNSChainQueries {
forwardZones =
forwardZonesRecurse =
{ bit = "127.0.0.1:${toString cfg.dns.port}";
dns = "127.0.0.1:${toString cfg.dns.port}";
};

View File

@ -90,11 +90,19 @@ in {
};
forwardZones = mkOption {
type = types.attrs;
default = {};
description = ''
DNS zones to be forwarded to other authoritative servers.
'';
};
forwardZonesRecurse = mkOption {
type = types.attrs;
example = { eth = "127.0.0.1:5353"; };
default = {};
description = ''
DNS zones to be forwarded to other servers.
DNS zones to be forwarded to other recursive servers.
'';
};
@ -158,7 +166,8 @@ in {
webserver-port = cfg.api.port;
webserver-allow-from = cfg.api.allowFrom;
forward-zones = mapAttrsToList (zone: uri: "${zone}.=${uri}") cfg.forwardZones;
forward-zones = mapAttrsToList (zone: uri: "${zone}.=${uri}") cfg.forwardZones;
forward-zones-recurse = mapAttrsToList (zone: uri: "${zone}.=${uri}") cfg.forwardZonesRecurse;
export-etc-hosts = cfg.exportHosts;
dnssec = cfg.dnssecValidation;
serve-rfc1918 = cfg.serveRFC1918;