b12f/os
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

feat: use systemd-resolved so VPN & WG DNS works

Browse source
This commit is contained in:
Benjamin Bädorf 2024-01-24 21:02:10 +01:00
parent 099fd5a354
commit 28786af37b
No known key found for this signature in database
GPG key ID: 1B7BF5B77A521346
1 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
modules/core/networking.nix
View file

@ -24,6 +24,20 @@
networking.firewall.enable = true; networking.firewall.enable = true;
networking.nftables.enable = true; networking.nftables.enable = true;
services.resolved = {
enable = true;
fallbackDns = [
"193.110.81.0#dns0.eu"
"2a0f:fc80::#dns0.eu"
"185.253.5.0#dns0.eu"
"2a0f:fc81::#dns0.eu"
];
dnssec = "false";
extraConfig = ''
DNSOverTLS=opportunistic
'';
};
# For rage encryption, all hosts need a ssh key pair # For rage encryption, all hosts need a ssh key pair
services.openssh = { services.openssh = {
enable = true; enable = true;