diff options
Diffstat (limited to 'hosts/surtr')
| -rw-r--r-- | hosts/surtr/dns/default.nix | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix index 23edfab5..5afdfedf 100644 --- a/hosts/surtr/dns/default.nix +++ b/hosts/surtr/dns/default.nix | |||
| @@ -15,10 +15,18 @@ | |||
| 15 | listen: 202.61.241.61@53 | 15 | listen: 202.61.241.61@53 |
| 16 | listen: 2a03:4000:52:ada::@53 | 16 | listen: 2a03:4000:52:ada::@53 |
| 17 | 17 | ||
| 18 | policy: | ||
| 19 | - id: rsa | ||
| 20 | algorithm: RSASHA256 | ||
| 21 | ksk-size: 4096 | ||
| 22 | zsk-size: 2048 | ||
| 23 | zsk-lifetime: 30d | ||
| 24 | |||
| 18 | zone: | 25 | zone: |
| 19 | - domain: yggdrasil.li | 26 | - domain: yggdrasil.li |
| 20 | file: ${./zones/li.yggdrasil.soa} | 27 | file: ${./zones/li.yggdrasil.soa} |
| 21 | semantic-checks: on | 28 | semantic-checks: on |
| 29 | dnssec-signing: on | ||
| 22 | ''; | 30 | ''; |
| 23 | }; | 31 | }; |
| 24 | }; | 32 | }; |