diff options
| author | schererleander <leander@schererleander.de> | 2026-01-09 16:57:15 +0100 |
|---|---|---|
| committer | schererleander <leander@schererleander.de> | 2026-01-09 23:13:49 +0100 |
| commit | 3b5a73c436eb22e0cda59469263490705e149cb9 (patch) | |
| tree | ae3f20ca6008b11f71247dfc6e2df8218de9b95c /modules/hosts/dns/default.nix | |
| parent | ec45aae780da92e12cf82c5a32e336b14b7540ba (diff) | |
refactor: use flake-parts, change modules structure
Diffstat (limited to 'modules/hosts/dns/default.nix')
| -rw-r--r-- | modules/hosts/dns/default.nix | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/modules/hosts/dns/default.nix b/modules/hosts/dns/default.nix deleted file mode 100644 index 8463367..0000000 --- a/modules/hosts/dns/default.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ - config, - lib, - ... -}: - -let - inherit (lib) mkOption types mkIf; - cfg = config.nx.dns; -in -{ - options.nx.dns = { - enable = mkOption { - description = "enable DNS-over-TLS using systemd-resolved"; - type = types.bool; - default = false; - }; - servers = mkOption { - description = "list of DNS-over-TLS servers to use"; - type = types.listOf types.str; - default = [ - "1.1.1.1#cloudflare-dns.com" - "1.0.0.1#cloudflare-dns.com" - "9.9.9.9#dns.quad9.net" - "149.112.112.112#dns.quad9.net" - ]; - }; - fallbackServers = mkOption { - description = "fallback DNS servers"; - type = types.listOf types.str; - default = [ - "8.8.8.8#dns.google" - "8.8.4.4#dns.google" - ]; - }; - }; - - config = mkIf cfg.enable { - services.resolved = { - enable = true; - dnssec = "true"; - dnsovertls = "true"; - domains = [ "~." ]; - extraConfig = '' - DNSStubListener=yes - Cache=yes - ''; - }; - - networking = { - nameservers = cfg.servers; - networkmanager.dns = lib.mkDefault "systemd-resolved"; - }; - - systemd.services.systemd-resolved.environment = { - DNS = lib.concatStringsSep " " cfg.servers; - FallbackDNS = lib.concatStringsSep " " cfg.fallbackServers; - }; - }; -} |