3 files changed, 11 insertions, 2 deletions

diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix
index 647021ca..96bb793a 100644
--- a/hosts/sif/default.nix
+++ b/hosts/sif/default.nix
@@ -110,6 +110,11 @@ in {
         server=/cipmath.loc/10.153.88.9
       '';
     };
+    environment.etc."NetworkManager/dnsmasq.d/yggdrasil.conf" = {
+      text = ''
+        server=/yggdrasil/2a03:4000:52:ada:1:1::
+      '';
+    };
 
     environment.etc."systemd/networkd.conf" = {
       text = ''
diff --git a/hosts/vidhar/dns/default.nix b/hosts/vidhar/dns/default.nix
index b1457a7a..caaa8e15 100644
--- a/hosts/vidhar/dns/default.nix
+++ b/hosts/vidhar/dns/default.nix
@@ -82,6 +82,10 @@ in {
           listen: 127.0.0.1@5353
           listen: ::1@5353
 
+          listen: 10.141.1.1@53
+          listen: 10.141.2.1@53
+          listen: 2a03:4000:52:ada:1:1::@53
+
         acl:
           - id: local_acl
             key: local_key
diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft
index 0f591f24..4e8341e9 100644
--- a/hosts/vidhar/network/ruleset.nft
+++ b/hosts/vidhar/network/ruleset.nft
@@ -165,8 +165,8 @@ table inet filter {
     iifname { lan, mgmt, dsl, yggdrasil, bifrost } tcp dport 22 counter name ssh-rx accept
     iifname { lan, mgmt, dsl, yggdrasil, bifrost } udp dport 60001-61000 counter name mosh-rx accept
 
-    iifname { lan, mgmt, dmz01 } tcp dport 53 counter name dns-rx accept
-    iifname { lan, mgmt, dmz01 } udp dport 53 counter name dns-rx accept
+    iifname { lan, mgmt, dmz01, yggdrasil } tcp dport 53 counter name dns-rx accept
+    iifname { lan, mgmt, dmz01, yggdrasil } udp dport 53 counter name dns-rx accept
 
     iifname { lan, mgmt, dsl } meta protocol ip udp dport 51820 counter name wg-rx accept
     iifname { lan, mgmt, dsl } meta protocol ip6 udp dport 51821 counter name wg-rx accept