From 0589bc83d57f96b685de3bac4b2fb9cde5f07a8f Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sun, 26 Dec 2021 10:13:58 +0100 Subject: vidhar: unbound --- hosts/vidhar/default.nix | 11 +++++++++++ hosts/vidhar/dsl.nix | 6 +++--- hosts/vidhar/zfs.nix | 5 +++++ 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix index 25dcc7db..a8362202 100644 --- a/hosts/vidhar/default.nix +++ b/hosts/vidhar/default.nix @@ -260,5 +260,16 @@ cpuFreqGovernor = "schedutil"; }; + + services.unbound = { + enable = true; + resolveLocalQueries = false; + stateDir = "/var/lib/unbound"; + settings = { + server = { + interface = ["0.0.0.0" "::"]; + }; + }; + }; }; } diff --git a/hosts/vidhar/dsl.nix b/hosts/vidhar/dsl.nix index e66f609b..cfbae7b5 100644 --- a/hosts/vidhar/dsl.nix +++ b/hosts/vidhar/dsl.nix @@ -69,9 +69,9 @@ in { }; networkConfig = { LinkLocalAddressing = "no"; - DNS = [ - "1.1.1.1" "1.0.0.1" - ]; + DNS = [ "::1" "127.0.0.1" ]; + DNSSEC = "true"; + Domains = ["~."]; }; }; }; diff --git a/hosts/vidhar/zfs.nix b/hosts/vidhar/zfs.nix index c845a480..3b29a093 100644 --- a/hosts/vidhar/zfs.nix +++ b/hosts/vidhar/zfs.nix @@ -57,6 +57,11 @@ in { neededForBoot = true; }; + "/var/lib/unbound" = + { device = "ssd-raid1/local/var-lib-unbound"; + fsType = "zfs"; + }; + "/var/log" = { device = "ssd-raid1/local/var-log"; fsType = "zfs"; -- cgit v1.2.3