diff --git a/profiles/misc/default.nix b/profiles/misc/default.nix
new file mode 100644
index 00000000..53b9a0dd
--- /dev/null
+++ b/profiles/misc/default.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+  imports = [
+    ./stubby.nix
+  ];
+}
diff --git a/profiles/misc/stubby.nix b/profiles/misc/stubby.nix
new file mode 100644
index 00000000..2f7c4210
--- /dev/null
+++ b/profiles/misc/stubby.nix
@@ -0,0 +1,30 @@
+{ ... }:
+{
+  services.stubby = {
+    enable = true;
+    upstreamServers = ''
+      - address_data: 1.1.1.1
+        tls_port: 853
+        tls_auth_name: "cloudflare-dns.com"
+      - address_data: 1.0.0.1
+        tls_port: 853
+        tls_auth_name: "cloudflare-dns.com"
+    '';
+  };
+
+  environment.etc = {
+    "resolv.conf" = {
+      text = ''
+        options edns0
+        nameserver 127.0.0.1
+      '';
+      mode = "444";
+    };
+  };
+
+
+  networking = {
+    networkmanager.dns = "none";
+    resolvconf.dnsExtensionMechanism = false;
+  };
+}