colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

servo: trust-dns: remove hn-resolver

Browse Source 
my hosts run their own recursive DNS resolvers now, so there's no need for the wireguard VPN to provide them with that
This commit is contained in:
Colin 2024-05-14 23:20:19 +00:00
parent d2ac88d66d
commit e040a5b0c5
1 changed files with 37 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
hosts/by-name/servo/services/trust-dns.nix
View File

@ -111,43 +111,43 @@ in
listenAddrs = [ nativeAddrs."servo.hn" ];
port = 1053;
};
hn-resolver = {
# don't need %AWAN% here because we forward to the hn instance.
listenAddrs = [ nativeAddrs."servo.hn" ];
extraConfig = {
zones = [
{
zone = "uninsane.org";
zone_type = "Forward";
stores = {
type = "forward";
name_servers = [
{
socket_addr = "${nativeAddrs."servo.hn"}:1053";
protocol = "udp";
trust_nx_responses = true;
}
];
};
}
{
# forward the root zone to the local DNS resolver
zone = ".";
zone_type = "Forward";
stores = {
type = "forward";
name_servers = [
{
socket_addr = "127.0.0.53:53";
protocol = "udp";
trust_nx_responses = true;
}
];
};
}
];
};
};
# hn-resolver = {
# # don't need %AWAN% here because we forward to the hn instance.
# listenAddrs = [ nativeAddrs."servo.hn" ];
# extraConfig = {
# zones = [
# {
# zone = "uninsane.org";
# zone_type = "Forward";
# stores = {
# type = "forward";
# name_servers = [
# {
# socket_addr = "${nativeAddrs."servo.hn"}:1053";
# protocol = "udp";
# trust_nx_responses = true;
# }
# ];
# };
# }
# {
# # forward the root zone to the local DNS resolver
# zone = ".";
# zone_type = "Forward";
# stores = {
# type = "forward";
# name_servers = [
# {
# socket_addr = "127.0.0.53:53";
# protocol = "udp";
# trust_nx_responses = true;
# }
# ];
# };
# }
# ];
# };
# };
};
sane.services.dyn-dns.restartOnChange = [