nixos/services/bind.nix

28 lines
578 B
Nix

# This Configuration is meant for local DNS setups only!
{ options, config, lib, fn, pkgs, ... }:
with builtins;
with lib;
let
cfg = config.machine;
in mkIf (elem "bind" cfg.services) {
services.bind = {
enable = true;
listenOn = [ "127.0.0.1" ];
forwarders = [
# Cloudflare CDN
"1.1.1.1" "1.0.0.1"
#CCC DNS
"204.152.184.76" "159.203.38.175" "207.148.83.241"
];
# TODO: add DNSSEC
extraOptions = ''
dnssec-validation auto;
recursion yes;
allow-recursion { 127.0.0.1; };
version none;
'';
};
}