nixos/services/bind.nix

37 lines
648 B
Nix
Raw Normal View History

2023-01-29 14:39:14 +01:00
# This Configuration is meant for local DNS setups only!
2023-09-11 20:23:04 +02:00
{
options,
config,
lib,
fn,
pkgs,
...
}:
2023-01-29 14:39:14 +01:00
with builtins;
2023-09-11 20:23:04 +02:00
with lib; let
2023-01-29 14:39:14 +01:00
cfg = config.machine;
2023-09-11 20:23:04 +02:00
in
mkIf (elem "bind" cfg.services) {
services.bind = {
enable = true;
listenOn = ["127.0.0.1"];
forwarders = [
# Cloudflare CDN
"1.1.1.1"
"1.0.0.1"
#CCC DNS
"204.152.184.76"
"159.203.38.175"
"207.148.83.241"
];
# TODO: add DNSSEC
extraOptions = ''
dnssec-validation auto;
2023-01-29 14:39:14 +01:00
2023-09-11 20:23:04 +02:00
recursion yes;
allow-recursion { 127.0.0.1; };
version none;
'';
};
}