From 42bf634d0f60bd3d849878ec4167dbad93d957f3 Mon Sep 17 00:00:00 2001
From: sid <sid@sid.ovh>
Date: Sun, 19 Apr 2026 01:13:20 +0200
Subject: [PATCH 1/2] coredns binds to 0.0.0.0:53

---
 hosts/sid/services/coredns.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hosts/sid/services/coredns.nix b/hosts/sid/services/coredns.nix
index e5c0904..16d1ed2 100644
--- a/hosts/sid/services/coredns.nix
+++ b/hosts/sid/services/coredns.nix
@@ -10,7 +10,7 @@
     enable = true;
     config = with constants; ''
       .:53 {
-        bind 127.0.0.1
+        bind 0.0.0.0
         hosts {
           ${hosts.sid.ip} ${ca-fqdn} 
 

From 72700ac671982dba43737e63a5a568feba81efbc Mon Sep 17 00:00:00 2001
From: sid <sid@sid.ovh>
Date: Sun, 19 Apr 2026 01:20:46 +0200
Subject: [PATCH 2/2] sid: open port 53

---
 hosts/sid/services/coredns.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hosts/sid/services/coredns.nix b/hosts/sid/services/coredns.nix
index 16d1ed2..df9b3bb 100644
--- a/hosts/sid/services/coredns.nix
+++ b/hosts/sid/services/coredns.nix
@@ -29,4 +29,7 @@
       }
     '';
   };
+
+  networking.firewall.allowedUDPPorts = [ 53 ];
+  networking.firewall.allowedTCPPorts = [ 53 ];
 }