29 lines
634 B
Nix
29 lines
634 B
Nix
# This Configuration is meant for local DNS setups only!
|
|
{ options, config, lib, pkgs, ... }:
|
|
|
|
with builtins;
|
|
with lib;
|
|
|
|
let
|
|
fn = import (../. + (toPath "/fn.nix")) { inherit lib; };
|
|
cfg = config.machine;
|
|
in mkIf (elem "bind" cfg.services) {
|
|
services.bind = {
|
|
enable = true;
|
|
listenOn = [ "127.0.0.1" ];
|
|
forwarders = [
|
|
# Cloudflare CDN
|
|
"1.1.1.1" "1.0.0.1"
|
|
#CCC DNS
|
|
"204.152.184.76" "159.203.38.175" "207.148.83.241"
|
|
];
|
|
# TODO: add DNSSEC
|
|
extraOptions = ''
|
|
dnssec-validation auto;
|
|
|
|
recursion yes;
|
|
allow-recursion { 127.0.0.1; };
|
|
version none;
|
|
'';
|
|
};
|
|
}
|