Price/NixOS
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(orion): properly configure systemd-resolved

Browse Source
This commit is contained in:
Price Hiller 2023-10-27 01:45:32 -05:00
parent 96f35ee16c
commit 1588ab30f5
Signed by: Price
SSH Key Fingerprint: SHA256:Y4S9ZzYphRn1W1kbJerJFO6GGsfu9O70VaBSxJO7dF8
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
hosts/orion/modules/networking.nix
View File

@ -19,7 +19,12 @@ let
"194.242.2.2#dns.mullvad.net" "194.242.2.2#dns.mullvad.net"
"2a07:e340::2:853#dns.mullvad.net" "2a07:e340::2:853#dns.mullvad.net"
]; ];
resolved_fallback_nameservers = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ]; resolved_fallback_nameservers = [
"1.1.1.1#cloudflare-dns.com"
"1.0.0.1#cloudflare-dns.com"
"2606:4700:4700::1111#cloudflare-dns.com"
"2606:4700:4700::1001#cloudflare-dns.com"
];
in in
{ {
systemd.network = { systemd.network = {
@ -67,15 +72,16 @@ in
services.resolved = { services.resolved = {
enable = true; enable = true;
dnssec = "true"; dnssec = "allow-downgrade";
domains = [ "~." ]; domains = resolved_nameservers;
fallbackDns = resolved_fallback_nameservers; fallbackDns = resolved_fallback_nameservers;
llmnr = "true"; llmnr = "resolve";
extraConfig = '' extraConfig = ''
MulticastDNS=yes MulticastDNS=yes
DNSOverTLS=yes DNSOverTLS=yes
CacheFromLocalhost=no CacheFromLocalhost=no
Cache=yes Cache=yes
Domains=~.
''; '';
}; };
networking = { networking = {