From c016dd3f2b304cf0b6e202c62c7726e5de655248 Mon Sep 17 00:00:00 2001
From: teutat3s <teutates@mailbox.org>
Date: Fri, 24 Feb 2023 17:57:55 +0100
Subject: [PATCH] dumpyourvms: re-enable global DNS over TLS

---
 hosts/dumpyourvms/dumpyourvms.nix | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/hosts/dumpyourvms/dumpyourvms.nix b/hosts/dumpyourvms/dumpyourvms.nix
index c2176384..d0934b06 100644
--- a/hosts/dumpyourvms/dumpyourvms.nix
+++ b/hosts/dumpyourvms/dumpyourvms.nix
@@ -54,13 +54,13 @@ in {
       enable = true;
       # DNSSEC=false because of random SERVFAIL responses with Greenbaum DNS
       # when using allow-downgrade, see https://github.com/systemd/systemd/issues/10579
-      #extraConfig = ''
-      #  DNS=5.1.66.255#dot.ffmuc.net 185.150.99.255#dot.ffmuc.net 5.9.164.112#dns3.digitalcourage.de 89.233.43.71#unicast.censurfridns.dk 94.130.110.185#ns1.dnsprivacy.at 145.100.185.15#dnsovertls.sinodun.com 145.100.185.16#dnsovertls1.sinodun.com 185.49.141.37#getdnsapi.net 2001:678:e68:f000::#dot.ffmuc.net 2001:678:ed0:f000::#dot.ffmuc.net 2a01:4f8:251:554::2#dns3.digitalcourage.de 2a01:3a0:53:53::0#unicast.censurfridns.dk 2a01:4f8:c0c:3c03::2#ns1.dnsprivacy.at 2a01:4f8:c0c:3bfc::2#ns2.dnsprivacy.at 2001:610:1:40ba:145:100:185:15#dnsovertls.sinodun.com 2001:610:1:40ba:145:100:185:16#dnsovertls1.sinodun.com 2a04:b900:0:100::38#getdnsapi.net
-      #  FallbackDNS=9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
-      #  Domains=~.
-      #  DNSOverTLS=yes
-      #  DNSSEC=false
-      #'';
+      extraConfig = ''
+        DNS=5.1.66.255#dot.ffmuc.net 185.150.99.255#dot.ffmuc.net 5.9.164.112#dns3.digitalcourage.de 89.233.43.71#unicast.censurfridns.dk 185.49.141.37#getdnsapi.net 2001:678:e68:f000::#dot.ffmuc.net 2001:678:ed0:f000::#dot.ffmuc.net 2a01:4f8:251:554::2#dns3.digitalcourage.de 2a01:3a0:53:53::0#unicast.censurfridns.dk 2a04:b900:0:100::38#getdnsapi.net
+        FallbackDNS=9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
+        Domains=~.
+        DNSOverTLS=yes
+        DNSSEC=false
+      '';
     };
     services.mozillavpn.enable = true;
     networking = import ./networking.nix;