os/hosts/pie/unbound.nix

{ pkgs, lib, ... }: {
  networking.firewall.allowedUDPPorts = [ 53 ];
  networking.firewall.allowedTCPPorts = [ 53 ];

  services.unbound = {
    enable = true;
    settings = {
      server = {
        include = [
          "\"${pkgs.adlist.unbound-adblockStevenBlack}\""
        ];
        interface = [
          "0.0.0.0"
          "::0"
        ];
        access-control = [
          "192.168.178.0/24 allow"
          "2a02:908:5b1:e3c0::/64 allow"
        ];
        local-zone = [
          "\"b12f.io\" static"
          "\"local\" static"
          "\"box\" static"
        ];
        local-data = [
          "\"brwb8763f64a364.local. 10800 IN A 192.168.178.4\""

          "\"droppie.local. 10800 IN A 192.168.178.3\""
          "\"droppie.local. 10800 IN AAAA 2a02:908:5b1:e3c0:3077:4e39:7763:3\""

          "\"droppie.b12f.io. 10800 IN A 10.0.1.3\""
          "\"droppie.b12f.io. 10800 IN AAAA fd00:acab:1312:acab:3::\""
          "\"backup.b12f.io. 10800 IN CNAME droppie.b12f.io\""

          "\"pie.local. 10800 IN A 192.168.178.2\""
          "\"pie.local. 10800 IN AAAA 2a02:908:5b1:e3c0:3077:4e39:7763:2\""

          "\"vpn.b12f.io. 10800 IN AAAA 2a02:908:5b1:e3c0:3077:4e39:7763:2\""

          "\"pie.b12f.io. 10800 IN A 10.0.1.2\""
          "\"pie.b12f.io. 10800 IN AAAA fd00:acab:1312:acab:2::\""
          "\"firefly.b12f.io. 10800 IN CNAME pie.b12f.io\""
          "\"firefly-importer.b12f.io. 10800 IN CNAME pie.b12f.io\""
          "\"paperless.b12f.io. 10800 IN CNAME pie.b12f.io\""

          "\"fritz.box. 10800 IN A 192.168.178.1\""
          "\"fritz.box. 10800 IN AAAA fd00::3ea6:2fff:fe57:30b0\""
        ];
      };
      forward-zone = [
        {
          name = ".";
          forward-addr = [
            "9.9.9.9@53#quad9"
            "2620:fe::fe@53#quad9"
          ];
          forward-tls-upstream = "no";
        }
      ];
    };
  };

}
refactor: Remove digga 2023-09-12 20:07:05 +00:00			`{ pkgs, lib, ... }: {`
feat: add Pie 2023-09-11 21:51:13 +00:00			`networking.firewall.allowedUDPPorts = [ 53 ];`
			`networking.firewall.allowedTCPPorts = [ 53 ];`

			`services.unbound = {`
			`enable = true;`
			`settings = {`
			`server = {`
			`include = [`
refactor: Remove digga 2023-09-12 20:07:05 +00:00			`"\"${pkgs.adlist.unbound-adblockStevenBlack}\""`
feat: add Pie 2023-09-11 21:51:13 +00:00			`];`
fix: fixes to networking and pie services 2023-10-09 08:43:53 +00:00			`interface = [`
			`"0.0.0.0"`
			`"::0"`
			`];`
			`access-control = [`
			`"192.168.178.0/24 allow"`
			`"2a02:908:5b1:e3c0::/64 allow"`
			`];`
feat: add Pie 2023-09-11 21:51:13 +00:00			`local-zone = [`
			`"\"b12f.io\" static"`
			`"\"local\" static"`
			`"\"box\" static"`
			`];`
			`local-data = [`
refactor: move to network printing 2023-10-10 11:37:17 +00:00			`"\"brwb8763f64a364.local. 10800 IN A 192.168.178.4\""`

fix: get networking on pie working properly 2023-10-08 17:32:00 +00:00			`"\"droppie.local. 10800 IN A 192.168.178.3\""`
fix: wireguard ipv6 and dns 2023-10-19 22:37:08 +00:00			`"\"droppie.local. 10800 IN AAAA 2a02:908:5b1:e3c0:3077:4e39:7763:3\""`

feat: wireguard 2023-10-19 18:55:56 +00:00			`"\"droppie.b12f.io. 10800 IN A 10.0.1.3\""`
			`"\"droppie.b12f.io. 10800 IN AAAA fd00:acab:1312:acab:3::\""`
			`"\"backup.b12f.io. 10800 IN CNAME droppie.b12f.io\""`
fix: get networking on pie working properly 2023-10-08 17:32:00 +00:00
feat: add Pie 2023-09-11 21:51:13 +00:00			`"\"pie.local. 10800 IN A 192.168.178.2\""`
fix: wireguard ipv6 and dns 2023-10-19 22:37:08 +00:00			`"\"pie.local. 10800 IN AAAA 2a02:908:5b1:e3c0:3077:4e39:7763:2\""`

			`"\"vpn.b12f.io. 10800 IN AAAA 2a02:908:5b1:e3c0:3077:4e39:7763:2\""`

feat: wireguard 2023-10-19 18:55:56 +00:00			`"\"pie.b12f.io. 10800 IN A 10.0.1.2\""`
			`"\"pie.b12f.io. 10800 IN AAAA fd00:acab:1312:acab:2::\""`
			`"\"firefly.b12f.io. 10800 IN CNAME pie.b12f.io\""`
			`"\"firefly-importer.b12f.io. 10800 IN CNAME pie.b12f.io\""`
fix: config errors in kea and unbound 2023-10-19 21:16:23 +00:00			`"\"paperless.b12f.io. 10800 IN CNAME pie.b12f.io\""`
fix: get networking on pie working properly 2023-10-08 17:32:00 +00:00
feat: add Pie 2023-09-11 21:51:13 +00:00			`"\"fritz.box. 10800 IN A 192.168.178.1\""`
fix: get networking on pie working properly 2023-10-08 17:32:00 +00:00			`"\"fritz.box. 10800 IN AAAA fd00::3ea6:2fff:fe57:30b0\""`
feat: add Pie 2023-09-11 21:51:13 +00:00			`];`
			`};`
			`forward-zone = [`
			`{`
			`name = ".";`
			`forward-addr = [`
			`"9.9.9.9@53#quad9"`
			`"2620:fe::fe@53#quad9"`
			`];`
			`forward-tls-upstream = "no";`
			`}`
			`];`
			`};`
			`};`

			`}`