diff options
author | Alex Auvolat <alex@adnab.me> | 2023-09-03 13:18:49 +0200 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2023-09-03 13:19:04 +0200 |
commit | 61c740fda66831b209b9737a21324697036b479f (patch) | |
tree | 697789abc790b3383ef047294d5e7e29adc98d40 | |
parent | efdc02e828e9316485d9460c3f314129e4a12382 (diff) | |
download | user-config-61c740fda66831b209b9737a21324697036b479f.tar.gz user-config-61c740fda66831b209b9737a21324697036b479f.zip |
Forward Alfis domain names to external Alfis resolver
-rw-r--r-- | nixos/common.nix | 18 | ||||
-rw-r--r-- | nixos/lindy.nix | 2 |
2 files changed, 18 insertions, 2 deletions
diff --git a/nixos/common.nix b/nixos/common.nix index e898dec..ef1fcff 100644 --- a/nixos/common.nix +++ b/nixos/common.nix @@ -38,10 +38,24 @@ in networking.networkmanager.enable = true; - services.unbound = { + services.unbound = + let + alfisTld = [ "anon." "btn." "conf." "index." "merch." "mirror." "mob." "screen." "srv." "ygg." ]; + in { enable = true; resolveLocalQueries = true; - settings.server.log-servfail = true; + settings = { + server = { + log-servfail = true; + domain-insecure = alfisTld; + }; + forward-zone = map (tld: { + name = tld; + forward-addr = "324:71e:281a:9ed3::53"; + forward-tcp-upstream = false; + forward-tls-upstream = false; + }) alfisTld; + }; }; services.resolved.enable = false; diff --git a/nixos/lindy.nix b/nixos/lindy.nix index a2ae352..6907e82 100644 --- a/nixos/lindy.nix +++ b/nixos/lindy.nix @@ -105,6 +105,8 @@ Kogami UUID=61534c91-df18-4c71-9244-54e677f5d4fa /root/kogami_key environment.systemPackages = with pkgs; [ zfs docker-compose ]; + nix.gc.automatic = false; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; hardware.cpu.intel.updateMicrocode = |