# NixOS module: CoreDNS as the resolver for this machine and as a DNS server
# reachable by other hosts. `constants` supplies the host IPs and service
# FQDNs that are interpolated into the Corefile below.
{ constants, ... }:

let
  # Explicit bindings instead of `with constants;`, so it is visible which
  # names come from `constants`. Note that `services` here is
  # `constants.services` (the FQDN table), not the NixOS `services` option
  # tree that the attribute set below assigns to.
  inherit (constants) ca-fqdn hosts services;
in
{
  services = {
    # The stub resolver from systemd-resolved is turned off.
    resolved.enable = false;

    coredns = {
      enable = true;

      # Corefile, one server block for the root zone on port 53:
      #   bind 0.0.0.0  - listen on every IPv4 address of the machine
      #   hosts { ... } - static A records; the CA, netdata, vaultwarden and
      #                   webdav names all point at hosts.sid.ip
      #   fallthrough   - names not listed in the hosts block go on to the
      #                   next plugin instead of being answered here
      #   forward       - everything else is sent to 1.1.1.1 and 8.8.8.8
      #   cache 30      - cached answers are kept for at most 30 seconds
      #   log / errors  - every query and every error is logged
      #
      # NOTE(review): `bind 0.0.0.0` + `forward .` + port 53 opened in the
      # firewall for all interfaces (see `networking.firewall` below) means
      # any client that can reach this machine on port 53 gets recursive
      # resolution. If only the internal network is meant to use it, bind to
      # that address and open the port per interface with
      # `networking.firewall.interfaces.<iface>.allowedUDPPorts` /
      # `allowedTCPPorts` (`<iface>` is a placeholder; the interface name is
      # not shown in this file).
      # NOTE(review): upstream queries leave in plain DNS; `forward` also
      # accepts `tls://` upstreams with `tls_servername` if on-path
      # visibility of queries is a concern.
      # NOTE(review): `log` records each client address and queried name;
      # confirm the journal retention fits how sensitive that data is.
      config = ''
        .:53 {
          bind 0.0.0.0
          hosts {
            ${hosts.sid.ip} ${ca-fqdn}

            ${hosts.rx4.ip} rx4.tail
            ${hosts.sid.ip} ${services.netdata.fqdn}
            ${hosts.sid.ip} ${services.vaultwarden.fqdn}
            ${hosts.sid.ip} ${services.webdav.fqdn}
            ${hosts.sid.ip} sid.tail
            ${hosts.vde.ip} vde.tail
            fallthrough
          }
          forward . 1.1.1.1 8.8.8.8
          cache 30
          log
          errors
        }
      '';
    };
  };

  networking = {
    # resolvconf is disabled as well; the only configured nameserver is
    # loopback, which the CoreDNS instance above covers via `bind 0.0.0.0`.
    resolvconf.enable = false;
    nameservers = [ "127.0.0.1" ];

    # DNS over UDP and TCP. These two lists apply to every interface.
    firewall = {
      allowedUDPPorts = [ 53 ];
      allowedTCPPorts = [ 53 ];
    };
  };
}