From eb833159ba201ff69ed1d9c995d597bd397bcdf0 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <pngwjpgh@users.noreply.github.com>
Date: Thu, 10 Nov 2016 20:48:36 +0100
Subject: recursive unbound on ymir

---
 ymir.nix | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/ymir.nix b/ymir.nix
index e12ae138..991ac552 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -657,4 +657,25 @@ in rec {
       };
     };
   };
+
+  services.unbound = {
+    enable = true;
+    networks = ["127.0.0.0/8" "::ffff:127.0.0.0/104" "::1/128" "10.141.0.0/16"];
+    interfaces = ["127.0.0.1@5353" "::1@5353" "10.141.5.1@5353"];
+    extraConfig = ''
+      private-domain: "yggdrasil"
+    
+      domain-insecure: "10.in-addr.arpa"
+      domain-insecure: "yggdrasil"
+
+      local-zone: "10.in-addr.arpa" nodefault
+    
+      stub-zone:
+        name: "10.in-addr.arpa"
+        stub-addr: 10.141.1.1
+      stub-zone:
+        name: "yggdrasil"
+        stub-addr: 10.141.1.1
+    '';
+  };
 }
-- 
cgit v1.2.3