Add bind service.

This commit is contained in:
Kevin Baensch 2023-01-29 14:39:14 +01:00
parent 97cfcc7957
commit 94589735dc
Signed by: derped
GPG key ID: C0F1D326C7626543

29
services/bind.nix Normal file
View file

@ -0,0 +1,29 @@
# This Configuration is meant for local DNS setups only!
{ options, config, lib, pkgs, ... }:
with builtins;
with lib;
let
fn = import (../. + (toPath "/fn.nix")) { inherit lib; };
cfg = config.machine;
in mkIf (elem "bind" cfg.services) {
services.bind = {
enable = true;
listenOn = [ "127.0.0.1" ];
forwarders = [
# Cloudflare CDN
"1.1.1.1" "1.0.0.1"
#CCC DNS
"204.152.184.76" "159.203.38.175" "207.148.83.241"
];
# TODO: add DNSSEC
extraOptions = ''
dnssec-validation auto;
recursion yes;
allow-recursion { 127.0.0.1; };
version none;
'';
};
}