From 3b13d9a2a367db84d48940460532c17a374bb488 Mon Sep 17 00:00:00 2001
From: schererleander <leander@schererleander.de>
Date: Thu, 5 Feb 2026 12:03:07 +0100
Subject: feat(modules): use dendritic pattern

---
 modules/services/dns.nix | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 modules/services/dns.nix

(limited to 'modules/services/dns.nix')

diff --git a/modules/services/dns.nix b/modules/services/dns.nix
new file mode 100644
index 0000000..1917bf0
--- /dev/null
+++ b/modules/services/dns.nix
@@ -0,0 +1,34 @@
+{
+  flake.modules.nixos.dns =
+    { lib, ... }:
+    let
+      servers = [
+        "1.1.1.1#cloudflare-dns.com"
+        "1.0.0.1#cloudflare-dns.com"
+        "9.9.9.9#dns.quad9.net"
+        "149.112.112.112#dns.quad9.net"
+      ];
+      fallbackServers = [
+        "8.8.8.8#dns.google"
+        "8.8.4.4#dns.google"
+      ];
+    in
+    {
+      services.resolved = {
+        enable = true;
+        settings = {
+          Resolve = {
+            DNS = servers;
+            FallbackDNS = fallbackServers;
+            DNSSEC = true;
+            DNSOverTLS = true;
+            Domains = [ "~." ];
+          };
+        };
+      };
+      networking = {
+        nameservers = servers;
+        networkmanager.dns = lib.mkDefault "systemd-resolved";
+      };
+    };
+}
-- 
cgit v1.3.1