summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2024-02-06 17:55:39 +0100
committerAlex Auvolat <alex@adnab.me>2024-02-06 17:55:39 +0100
commit68153b894f7f227d4e7714c6d138454df521d31c (patch)
treeb97371fdcadbc478da471ab1b10621017b20fd83
parent751261487ea1b628b7d683be4a0b23ac234be86a (diff)
downloaduser-config-68153b894f7f227d4e7714c6d138454df521d31c.tar.gz
user-config-68153b894f7f227d4e7714c6d138454df521d31c.zip
remove unbound dns resolver on local pcs
-rw-r--r--nixos/common.nix21
-rw-r--r--nixos/kusanagi.nix6
-rw-r--r--nixos/lindy.nix3
3 files changed, 4 insertions, 26 deletions
diff --git a/nixos/common.nix b/nixos/common.nix
index 729e0d9..9ae7a60 100644
--- a/nixos/common.nix
+++ b/nixos/common.nix
@@ -32,27 +32,6 @@
networking.networkmanager.enable = true;
- services.unbound =
- let
- alfisTld = [ "anon." "btn." "conf." "index." "merch." "mirror." "mob." "screen." "srv." "ygg." ];
- in {
- enable = true;
- resolveLocalQueries = lib.mkDefault true;
- settings = {
- server = {
- log-servfail = true;
- domain-insecure = alfisTld;
- };
- forward-zone = map (tld: {
- name = tld;
- forward-addr = "324:71e:281a:9ed3::53";
- forward-tcp-upstream = false;
- forward-tls-upstream = false;
- }) alfisTld;
- };
- };
- services.resolved.enable = false;
-
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [
2022 # openssh
diff --git a/nixos/kusanagi.nix b/nixos/kusanagi.nix
index d2cd13c..4bd5b77 100644
--- a/nixos/kusanagi.nix
+++ b/nixos/kusanagi.nix
@@ -97,7 +97,7 @@ in
# ---- immutable user config for tmpfs root ----
users.mutableUsers = false;
- users.users.lx.passwordFile = "/Z/lx/.password";
+ users.users.lx.hashedPasswordFile = "/Z/lx/.password";
users.users.lx.uid = 1000;
users.users.lx.extraGroups = [ "vboxusers" "docker" ];
@@ -115,10 +115,6 @@ in
nix.gc.automatic = false;
- # ---- disable unbound dns resolution ----
-
- services.unbound.resolveLocalQueries = false;
-
# ---- improve graphics ----
services.xserver.videoDrivers = [ "intel" ];
diff --git a/nixos/lindy.nix b/nixos/lindy.nix
index 5e16fd8..6db2f06 100644
--- a/nixos/lindy.nix
+++ b/nixos/lindy.nix
@@ -148,6 +148,9 @@ Komaru UUID=caf8496f-006b-4762-bb20-506d4c7bdb51 /nix/persist/root/komaru_key
virtualisation.virtualbox.host.enable = true;
users.users.lx.extraGroups = [ "docker" "vboxusers" ];
+ # Use resolver from network
+ services.resolved.enable = false;
+
# Making dev work available outside
networking.firewall.allowedTCPPorts = [
# 8910 8920 # web dev