hosts/carbon: Move DNS server to seperate file

2024-07-14 00:23:58 +02:00 · 2024-07-14 00:23:58 +02:00 · 4105528835
commit 4105528835
parent b860650ead
2 changed files with 24 additions and 18 deletions
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@ -6,6 +6,7 @@
      ./hardware-configuration.nix
      ../../configuration/router

+      ./dns.nix
      ./ppp.nix
    ];

@ -253,9 +254,6 @@
    };
  };

-  networking.firewall.allowedUDPPorts = [ 53 ];
-  networking.firewall.allowedTCPPorts = [ 53 ];
-
  clerie.firewall.enable = true;
  clerie.firewall.extraForwardFilterCommands = ''
    ip46tables -A forward-filter -i enp1s0.202 -o ppp-dtagdsl -j ACCEPT
@ -273,20 +271,5 @@
    blackbox = true;
  };

-  services.unbound = {
-    enable = true;
-    resolveLocalQueries = false;
-    settings = {
-      server = {
-        interface = [ "fd00:152:152::1" "10.152.0.1" ];
-        access-control = [ "::/0 allow" "0.0.0.0/0 allow" ];
-        prefer-ip6 = true;
-        prefetch = true;
-        serve-expired = true;
-        serve-expired-ttl-reset = true;
-      };
-    };
-  };
-
  system.stateVersion = "21.03";
 }
--- a/hosts/carbon/dns.nix
+++ b/hosts/carbon/dns.nix
@ -0,0 +1,23 @@
+{ ... }:
+
+{
+
+  networking.firewall.allowedUDPPorts = [ 53 ];
+  networking.firewall.allowedTCPPorts = [ 53 ];
+
+  services.unbound = {
+    enable = true;
+    resolveLocalQueries = false;
+    settings = {
+      server = {
+        interface = [ "fd00:152:152::1" "10.152.0.1" ];
+        access-control = [ "::/0 allow" "0.0.0.0/0 allow" ];
+        prefer-ip6 = true;
+        prefetch = true;
+        serve-expired = true;
+        serve-expired-ttl-reset = true;
+      };
+    };
+  };
+
+}