36 lines
648 B
Nix
36 lines
648 B
Nix
# This Configuration is meant for local DNS setups only!
|
|
{
|
|
options,
|
|
config,
|
|
lib,
|
|
fn,
|
|
pkgs,
|
|
...
|
|
}:
|
|
with builtins;
|
|
with lib; let
|
|
cfg = config.machine;
|
|
in
|
|
mkIf (elem "bind" cfg.services) {
|
|
services.bind = {
|
|
enable = true;
|
|
listenOn = ["127.0.0.1"];
|
|
forwarders = [
|
|
# Cloudflare CDN
|
|
"1.1.1.1"
|
|
"1.0.0.1"
|
|
#CCC DNS
|
|
"204.152.184.76"
|
|
"159.203.38.175"
|
|
"207.148.83.241"
|
|
];
|
|
# TODO: add DNSSEC
|
|
extraOptions = ''
|
|
dnssec-validation auto;
|
|
|
|
recursion yes;
|
|
allow-recursion { 127.0.0.1; };
|
|
version none;
|
|
'';
|
|
};
|
|
}
|