coolneng
/
panacea
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Enable DNSSEC and mDNS for DNS resolution

This commit is contained in:
coolneng 2023-08-16 03:26:23 +02:00
parent 35d0196e66
commit ebc7620407
Signed by: coolneng
GPG Key ID: 9893DA236405AF57
1 changed files with 3 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/networking.nix
View File

@ -25,7 +25,6 @@ in {
# Disable DNSSEC and enable mDNS # Disable DNSSEC and enable mDNS
services.resolved = { services.resolved = {
enable = true; enable = true;
dnssec = "false";
llmnr = "false"; llmnr = "false";
extraConfig = '' extraConfig = ''
MulticastDNS=yes MulticastDNS=yes
@ -52,10 +51,7 @@ in {
address = [ "192.168.13.131/24" ]; address = [ "192.168.13.131/24" ];
gateway = [ "192.168.13.1" ]; gateway = [ "192.168.13.1" ];
dns = [ "192.168.13.2" ]; dns = [ "192.168.13.2" ];
networkConfig = { networkConfig.MulticastDNS = "yes";
DNSSEC = "no";
MulticastDNS = "yes";
};
}; };
systemd.network.networks."25-home" = { systemd.network.networks."25-home" = {
@ -67,10 +63,7 @@ in {
address = [ "192.168.13.3/24" ]; address = [ "192.168.13.3/24" ];
gateway = [ "192.168.13.1" ]; gateway = [ "192.168.13.1" ];
dns = [ "192.168.13.2" ]; dns = [ "192.168.13.2" ];
networkConfig = { networkConfig.MulticastDNS = "yes";
DNSSEC = "no";
MulticastDNS = "yes";
};
}; };
# VPN setup # VPN setup
@ -100,6 +93,7 @@ in {
DNS = "10.8.0.1"; DNS = "10.8.0.1";
DNSDefaultRoute = true; DNSDefaultRoute = true;
Domains = "~."; Domains = "~.";
MulticastDNS = "yes";
}; };
routingPolicyRules = [{ routingPolicyRules = [{
routingPolicyRuleConfig = { routingPolicyRuleConfig = {