2024-11-15 10:17:56 +01:00
|
|
|
{ lib, ... }:
|
|
|
|
|
{
|
2023-11-25 09:19:31 +01:00
|
|
|
networking.nameservers = [
|
|
|
|
|
# https://dnsforge.de/
|
|
|
|
|
"176.9.93.198"
|
|
|
|
|
"176.9.1.117"
|
|
|
|
|
|
|
|
|
|
# TODO: enable IPv6
|
|
|
|
|
# "2a01:4f8:151:34aa::198"
|
|
|
|
|
# "2a01:4f8:141:316d::117"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
services.resolved = {
|
|
|
|
|
enable = true;
|
|
|
|
|
dnssec = "true";
|
2024-11-15 10:17:56 +01:00
|
|
|
domains = [ "~." ];
|
2024-07-26 18:02:15 +02:00
|
|
|
|
|
|
|
|
# TODO: figure out why "true" doesn't work
|
|
|
|
|
dnsovertls = "opportunistic";
|
2024-10-16 23:01:57 +02:00
|
|
|
|
2024-11-15 10:17:56 +01:00
|
|
|
fallbackDns = lib.mkForce [ ];
|
2024-11-11 21:49:08 +01:00
|
|
|
|
|
|
|
|
# TODO: IPv6
|
|
|
|
|
# extraConfig = ''
|
|
|
|
|
# DNSStubListenerExtra=[::1]:53
|
|
|
|
|
# '';
|
2023-11-25 09:19:31 +01:00
|
|
|
};
|
|
|
|
|
}
|
