fix(orion): properly configure systemd-resolved

2023-10-27 01:45:32 -05:00 · 2023-10-27 01:45:32 -05:00 · 1588ab30f5
commit 1588ab30f5
parent 96f35ee16c
1 changed files with 10 additions and 4 deletions
--- a/hosts/orion/modules/networking.nix
+++ b/hosts/orion/modules/networking.nix
@ -19,7 +19,12 @@ let
    "194.242.2.2#dns.mullvad.net"
    "2a07:e340::2:853#dns.mullvad.net"
  ];
-  resolved_fallback_nameservers = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ];
+  resolved_fallback_nameservers = [
+    "1.1.1.1#cloudflare-dns.com"
+    "1.0.0.1#cloudflare-dns.com"
+    "2606:4700:4700::1111#cloudflare-dns.com"
+    "2606:4700:4700::1001#cloudflare-dns.com"
+  ];
 in
 {
  systemd.network = {
@ -67,15 +72,16 @@ in

  services.resolved = {
    enable = true;
-    dnssec = "true";
-    domains = [ "~." ];
+    dnssec = "allow-downgrade";
+    domains = resolved_nameservers;
    fallbackDns = resolved_fallback_nameservers;
-    llmnr = "true";
+    llmnr = "resolve";
    extraConfig = ''
      MulticastDNS=yes
      DNSOverTLS=yes
      CacheFromLocalhost=no
      Cache=yes
+      Domains=~.
    '';
  };
  networking = {