clerie/nixfiles
1
0
Fork 0
Code

Add recursive dns server to router

Browse Source
This commit is contained in:
clerie 2022-01-02 16:39:27 +01:00
parent c8884c45bf
commit 3827c06fdf
1 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
hosts/carbon/configuration.nix
View File

@ -65,6 +65,8 @@
networking.interfaces."enp1s0.202".ipv4.addresses = [ networking.interfaces."enp1s0.202".ipv4.addresses = [
{ address = "192.168.32.1"; prefixLength = 24; } { address = "192.168.32.1"; prefixLength = 24; }
]; ];
# Use Anycast Nameservers
networking.nameservers = [ "fd00:152:152::1" "10.152.0.1" ];
networking.nat = { networking.nat = {
enableIPv6 = true; enableIPv6 = true;
@ -80,7 +82,7 @@
AdvSendAdvert on; AdvSendAdvert on;
prefix 2a01:4f8:1c0c:8221::/64 {}; prefix 2a01:4f8:1c0c:8221::/64 {};
route ::/0 {}; route ::/0 {};
RDNSS 2a01:4f8:251:554::2 {}; RDNSS fd00:152:152::1 {};
DNSSL net.clerie.de {}; DNSSL net.clerie.de {};
}; };
''; '';
@ -123,7 +125,7 @@
}; };
}; };
networking.firewall.allowedUDPPorts = [ 60001 ]; networking.firewall.allowedUDPPorts = [ 53 60001 ];
networking.firewall.extraCommands = '' networking.firewall.extraCommands = ''
iptables -A FORWARD -i enp1s0.202 -o ppp-ntvdsl -j ACCEPT iptables -A FORWARD -i enp1s0.202 -o ppp-ntvdsl -j ACCEPT
@ -328,5 +330,16 @@
pubkey = "sro9DUSMtVr5xV2o3GTgg+0vmLj+bRc8fN+3pIr6+HY="; pubkey = "sro9DUSMtVr5xV2o3GTgg+0vmLj+bRc8fN+3pIr6+HY=";
}; };
services.unbound = {
enable = true;
resolveLocalQueries = false;
settings = {
server = {
interface = [ "fd00:152:152::1" "10.152.0.1" ];
access-control = [ "::/0 allow" "0.0.0.0/0 allow" ];
};
};
};
system.stateVersion = "21.03"; system.stateVersion = "21.03";
} }