diff options
Diffstat (limited to 'hosts/surtr/dns')
-rw-r--r-- | hosts/surtr/dns/default.nix | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix index 23edfab5..5afdfedf 100644 --- a/hosts/surtr/dns/default.nix +++ b/hosts/surtr/dns/default.nix | |||
@@ -15,10 +15,18 @@ | |||
15 | listen: 202.61.241.61@53 | 15 | listen: 202.61.241.61@53 |
16 | listen: 2a03:4000:52:ada::@53 | 16 | listen: 2a03:4000:52:ada::@53 |
17 | 17 | ||
18 | policy: | ||
19 | - id: rsa | ||
20 | algorithm: RSASHA256 | ||
21 | ksk-size: 4096 | ||
22 | zsk-size: 2048 | ||
23 | zsk-lifetime: 30d | ||
24 | |||
18 | zone: | 25 | zone: |
19 | - domain: yggdrasil.li | 26 | - domain: yggdrasil.li |
20 | file: ${./zones/li.yggdrasil.soa} | 27 | file: ${./zones/li.yggdrasil.soa} |
21 | semantic-checks: on | 28 | semantic-checks: on |
29 | dnssec-signing: on | ||
22 | ''; | 30 | ''; |
23 | }; | 31 | }; |
24 | }; | 32 | }; |