WIP: enable BIND DNS recursive resolver

2024-12-30 03:15:42 +00:00
parent d2540f97ee
commit 424f61f782
3 changed files with 18 additions and 0 deletions


@@ -89,6 +89,8 @@
sane.ids.smartd.gid = 2010; sane.ids.smartd.gid = 2010;
sane.ids.radicale.uid = 2011; sane.ids.radicale.uid = 2011;
sane.ids.radicale.gid = 2011; sane.ids.radicale.gid = 2011;
sane.ids.named.uid = 2012;
sane.ids.named.gid = 2012;
# found on graphical hosts # found on graphical hosts
sane.ids.nm-iodine.uid = 2101; # desko/moby/lappy sane.ids.nm-iodine.uid = 2101; # desko/moby/lappy


@@ -0,0 +1,15 @@
{ lib, ... }:
{
services.bind.enable = lib.mkDefault true;
services.bind.forwarders = []; #< don't forward queries to upstream resolvers
services.bind.cacheNetworks = [
"127.0.0.0/24"
"::1/128"
"10.0.0.0/16"
];
services.bind.extraOptions = ''
port 953;
'';
networking.resolvconf.useLocalResolver = false; #< undo bind making this default true
}
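Review bot: `port 953;` in `services.bind.extraOptions` puts the DNS listener on the port that BIND's rndc control channel uses by default, so the two are likely to collide on loopback TCP and one of them will fail to bind. If the aim is to keep named off port 53 so it can sit beside the other resolvers this module imports (my inference), choose a port other than 953 and record the reason next to it, for example `#< non-default DNS port; 953 is the rndc control port`. Separately, the section limits who may recurse via `cacheNetworks` but never sets `services.bind.listenOn` or `services.bind.listenOnIpv6`, which as far as I know default to every interface. Binding only to loopback and the host's address inside `10.0.0.0/16` would keep the resolver unreachable from other networks even if the ACL is later widened.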


@@ -23,6 +23,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
imports = [ imports = [
./bind.nix
./hickory-dns.nix ./hickory-dns.nix
./unbound.nix ./unbound.nix
]; ];
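Review bot: Adding `./bind.nix` to this unconditional `imports` list turns named on for every host that pulls in this module, because bind.nix sets `services.bind.enable = lib.mkDefault true`. For a WIP recursive resolver it would be safer to default it off with `services.bind.enable = lib.mkDefault false;`, or to gate it per host. A comment here should also say which of bind, hickory-dns and unbound is expected to answer on which address and port. The attribute set continues outside the hunk.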