nixos/services/bind.nix

# This Configuration is meant for local DNS setups only!
{ options, config, lib, pkgs, ... }:

with builtins;
with lib;

let
  fn = import (../. + (toPath "/fn.nix")) { inherit lib; };
  cfg = config.machine;
in mkIf (elem "bind" cfg.services) {
  services.bind = {
    enable = true;
    listenOn = [ "127.0.0.1" ];
    forwarders = [
      # Cloudflare CDN
      "1.1.1.1" "1.0.0.1"
      #CCC DNS
      "204.152.184.76" "159.203.38.175" "207.148.83.241"
    ];
    # TODO: add DNSSEC
    extraOptions = ''
      dnssec-validation auto;

      recursion yes;
      allow-recursion { 127.0.0.1; };
      version none;
    '';
  };
}
Add bind service. 2023-01-29 14:39:14 +01:00			`# This Configuration is meant for local DNS setups only!`
			`{ options, config, lib, pkgs, ... }:`

			`with builtins;`
			`with lib;`

			`let`
			`fn = import (../. + (toPath "/fn.nix")) { inherit lib; };`
			`cfg = config.machine;`
			`in mkIf (elem "bind" cfg.services) {`
			`services.bind = {`
			`enable = true;`
			`listenOn = [ "127.0.0.1" ];`
			`forwarders = [`
			`# Cloudflare CDN`
			`"1.1.1.1" "1.0.0.1"`
			`#CCC DNS`
			`"204.152.184.76" "159.203.38.175" "207.148.83.241"`
			`];`
			`# TODO: add DNSSEC`
			`extraOptions = ''`
			`dnssec-validation auto;`

			`recursion yes;`
			`allow-recursion { 127.0.0.1; };`
			`version none;`
			`'';`
			`};`
			`}`