summaryrefslogtreecommitdiff
path: root/modules/core/networking
diff options
context:
space:
mode:
Diffstat (limited to 'modules/core/networking')
-rw-r--r--modules/core/networking/default.nix1
-rw-r--r--modules/core/networking/resolved.nix17
2 files changed, 18 insertions, 0 deletions
diff --git a/modules/core/networking/default.nix b/modules/core/networking/default.nix
index 608be0b..ebdcd55 100644
--- a/modules/core/networking/default.nix
+++ b/modules/core/networking/default.nix
@@ -2,6 +2,7 @@
{
imports = [
./firewall
+ ./resolved.nix
./tailscale.nix
];
diff --git a/modules/core/networking/resolved.nix b/modules/core/networking/resolved.nix
new file mode 100644
index 0000000..82effbe
--- /dev/null
+++ b/modules/core/networking/resolved.nix
@@ -0,0 +1,17 @@
+{ secrets, ... }:
+{
+ services.resolved = {
+ enable = false;
+ dnssec = "true";
+ domains = [ "~." ];
+ dnsovertls = "true";
+ llmnr = "false";
+
+ extraConfig = ''
+ DNS=45.90.28.0#${secrets.nextdns_id}.dns.nextdns.io
+ DNS=2a07:a8c0::#${secrets.nextdns_id}.dns.nextdns.io
+ DNS=45.90.30.0#${secrets.nextdns_id}.dns.nextdns.io
+ DNS=2a07:a8c1::#${secrets.nextdns_id}.dns.nextdns.io
+ '';
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-13 04:18:05 +0000