Set up Encrypted DNS resolver
This commit is contained in:
parent
477b5abfa8
commit
0a3bcc27ad
|
@ -112,7 +112,7 @@ in {
|
|||
|
||||
listen-address = [ "127.0.0.1" "192.168.13.2" "10.8.0.1" ];
|
||||
bind-interfaces = true;
|
||||
server = [ "51.158.108.203" "137.220.55.93" ];
|
||||
server = [ "127.0.0.1#43" ];
|
||||
|
||||
cache-size = 10000;
|
||||
local-ttl = 300;
|
||||
|
@ -123,4 +123,22 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
# Encrypted DNS
|
||||
services.dnscrypt-proxy2 = {
|
||||
enable = true;
|
||||
settings = {
|
||||
ipv6_servers = false;
|
||||
require_dnssec = true;
|
||||
listen_addresses = [ "127.0.0.1:43" ];
|
||||
sources.public-resolvers = {
|
||||
urls = [
|
||||
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
|
||||
];
|
||||
cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
|
||||
minisign_key =
|
||||
"RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue