summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2023-09-03 13:18:49 +0200
committerAlex Auvolat <alex@adnab.me>2023-09-03 13:19:04 +0200
commit61c740fda66831b209b9737a21324697036b479f (patch)
tree697789abc790b3383ef047294d5e7e29adc98d40
parentefdc02e828e9316485d9460c3f314129e4a12382 (diff)
downloaduser-config-61c740fda66831b209b9737a21324697036b479f.tar.gz
user-config-61c740fda66831b209b9737a21324697036b479f.zip
Forward Alfis domain names to external Alfis resolver
-rw-r--r--nixos/common.nix18
-rw-r--r--nixos/lindy.nix2
2 files changed, 18 insertions, 2 deletions
diff --git a/nixos/common.nix b/nixos/common.nix
index e898dec..ef1fcff 100644
--- a/nixos/common.nix
+++ b/nixos/common.nix
@@ -38,10 +38,24 @@ in
networking.networkmanager.enable = true;
- services.unbound = {
+ services.unbound =
+ let
+ alfisTld = [ "anon." "btn." "conf." "index." "merch." "mirror." "mob." "screen." "srv." "ygg." ];
+ in {
enable = true;
resolveLocalQueries = true;
- settings.server.log-servfail = true;
+ settings = {
+ server = {
+ log-servfail = true;
+ domain-insecure = alfisTld;
+ };
+ forward-zone = map (tld: {
+ name = tld;
+ forward-addr = "324:71e:281a:9ed3::53";
+ forward-tcp-upstream = false;
+ forward-tls-upstream = false;
+ }) alfisTld;
+ };
};
services.resolved.enable = false;
diff --git a/nixos/lindy.nix b/nixos/lindy.nix
index a2ae352..6907e82 100644
--- a/nixos/lindy.nix
+++ b/nixos/lindy.nix
@@ -105,6 +105,8 @@ Kogami UUID=61534c91-df18-4c71-9244-54e677f5d4fa /root/kogami_key
environment.systemPackages = with pkgs; [ zfs docker-compose ];
+ nix.gc.automatic = false;
+
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
hardware.cpu.intel.updateMicrocode =