diff options
Diffstat (limited to 'hosts/vidhar/dns.nix')
| -rw-r--r-- | hosts/vidhar/dns.nix | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/hosts/vidhar/dns.nix b/hosts/vidhar/dns.nix new file mode 100644 index 00000000..49afc5fc --- /dev/null +++ b/hosts/vidhar/dns.nix | |||
| @@ -0,0 +1,47 @@ | |||
| 1 | { config, lib, pkgs, ... }: | ||
| 2 | { | ||
| 3 | config = { | ||
| 4 | services.unbound = { | ||
| 5 | enable = true; | ||
| 6 | resolveLocalQueries = false; | ||
| 7 | stateDir = "/var/lib/unbound"; | ||
| 8 | localControlSocketPath = "/run/unbound/unbound.ctl"; | ||
| 9 | settings = { | ||
| 10 | server = { | ||
| 11 | interface = ["127.0.0.1" "10.141.0.1" "::0"]; | ||
| 12 | access-control = ["0.0.0.0/0 allow" "::/0 allow"]; | ||
| 13 | root-hints = "${pkgs.dns-root-data}/root.hints"; | ||
| 14 | |||
| 15 | num-threads = 12; | ||
| 16 | so-reuseport = true; | ||
| 17 | msg-cache-slabs = 16; | ||
| 18 | rrset-cache-slabs = 16; | ||
| 19 | infra-cache-slabs = 16; | ||
| 20 | key-cache-slabs = 16; | ||
| 21 | |||
| 22 | rrset-cache-size = "100m"; | ||
| 23 | msg-cache-size = "50m"; | ||
| 24 | outgoing-range = 8192; | ||
| 25 | num-queries-per-thread = 4096; | ||
| 26 | |||
| 27 | so-rcvbuf = "4m"; | ||
| 28 | so-sndbuf = "4m"; | ||
| 29 | |||
| 30 | serve-expired = true; | ||
| 31 | serve-expired-ttl = 86400; | ||
| 32 | serve-expired-reply-ttl = 0; | ||
| 33 | |||
| 34 | prefetch = true; | ||
| 35 | prefetch-key = true; | ||
| 36 | |||
| 37 | minimal-responses = false; | ||
| 38 | |||
| 39 | extended-statistics = true; | ||
| 40 | |||
| 41 | rrset-roundrobin = true; | ||
| 42 | use-caps-for-id = true; | ||
| 43 | }; | ||
| 44 | }; | ||
| 45 | }; | ||
| 46 | }; | ||
| 47 | } | ||