trust-dns: asSystemResolver: listen also on ipv6 address

This commit is contained in:
2024-05-14 23:38:01 +00:00
parent d5e8974a4a
commit 66f73c92bd

View File

@@ -17,7 +17,14 @@ let
type = types.listOf types.str;
default = [ "127.0.0.1" ];
description = ''
IP addresses to serve requests from.
IPv4 addresses to serve requests from.
'';
};
listenAddrsIpv6 = mkOption {
type = types.listOf types.str;
default = [ ];
description = ''
IPv6 addresses to serve requests from.
'';
};
substitutions = mkOption {
@@ -78,13 +85,14 @@ let
};
});
mkSystemdService = flavor: { includes, listenAddrsIpv4, port, substitutions, extraConfig, ... }: let
mkSystemdService = flavor: { includes, listenAddrsIpv4, listenAddrsIpv6, port, substitutions, extraConfig, ... }: let
sed = "${pkgs.gnused}/bin/sed";
configTemplate = toml.generate "trust-dns-${flavor}.toml" (
(
lib.filterAttrsRecursive (_: v: v != null) config.services.trust-dns.settings
) // {
listen_addrs_ipv4 = listenAddrsIpv4;
listen_addrs_ipv6 = listenAddrsIpv6;
} // extraConfig
);
configPath = "/var/lib/trust-dns/${flavor}-config.toml";
@@ -212,12 +220,14 @@ in
sane.services.trust-dns.instances.localhost = lib.mkIf cfg.asSystemResolver {
listenAddrsIpv4 = [ "127.0.0.1" ];
listenAddrsIpv6 = [ "::1" ];
enableRecursiveResolver = true;
# append zones discovered via DHCP to the resolver config.
includes = [ "/var/lib/trust-dns/dhcp-configs/*" ];
};
networking.nameservers = lib.mkIf cfg.asSystemResolver [
"127.0.0.1"
"::1"
];
services.resolved.enable = lib.mkIf cfg.asSystemResolver (lib.mkForce false);
};