aboutsummaryrefslogtreecommitdiff
path: root/modules/services/dns.nix
blob: 1917bf0ae469b1eb4f9d328ea130156275c7543e (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

{
  flake.modules.nixos.dns =
    { lib, ... }:
    let
      servers = [
        "1.1.1.1#cloudflare-dns.com"
        "1.0.0.1#cloudflare-dns.com"
        "9.9.9.9#dns.quad9.net"
        "149.112.112.112#dns.quad9.net"
      ];
      fallbackServers = [
        "8.8.8.8#dns.google"
        "8.8.4.4#dns.google"
      ];
    in
    {
      services.resolved = {
        enable = true;
        settings = {
          Resolve = {
            DNS = servers;
            FallbackDNS = fallbackServers;
            DNSSEC = true;
            DNSOverTLS = true;
            Domains = [ "~." ];
          };
        };
      };
      networking = {
        nameservers = servers;
        networkmanager.dns = lib.mkDefault "systemd-resolved";
      };
    };
}
generated by cgit v1.3.1 (git 2.54.0) at 2026-05-30 19:13:16 +0000