From 410552883544614eab88267873cc147c423a170e Mon Sep 17 00:00:00 2001 From: clerie Date: Sun, 14 Jul 2024 00:23:58 +0200 Subject: [PATCH] hosts/carbon: Move DNS server to seperate file --- hosts/carbon/configuration.nix | 19 +------------------ hosts/carbon/dns.nix | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+), 18 deletions(-) create mode 100644 hosts/carbon/dns.nix diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix index fe40263..08bb266 100644 --- a/hosts/carbon/configuration.nix +++ b/hosts/carbon/configuration.nix @@ -6,6 +6,7 @@ ./hardware-configuration.nix ../../configuration/router + ./dns.nix ./ppp.nix ]; @@ -253,9 +254,6 @@ }; }; - networking.firewall.allowedUDPPorts = [ 53 ]; - networking.firewall.allowedTCPPorts = [ 53 ]; - clerie.firewall.enable = true; clerie.firewall.extraForwardFilterCommands = '' ip46tables -A forward-filter -i enp1s0.202 -o ppp-dtagdsl -j ACCEPT @@ -273,20 +271,5 @@ blackbox = true; }; - services.unbound = { - enable = true; - resolveLocalQueries = false; - settings = { - server = { - interface = [ "fd00:152:152::1" "10.152.0.1" ]; - access-control = [ "::/0 allow" "0.0.0.0/0 allow" ]; - prefer-ip6 = true; - prefetch = true; - serve-expired = true; - serve-expired-ttl-reset = true; - }; - }; - }; - system.stateVersion = "21.03"; } diff --git a/hosts/carbon/dns.nix b/hosts/carbon/dns.nix new file mode 100644 index 0000000..2019726 --- /dev/null +++ b/hosts/carbon/dns.nix @@ -0,0 +1,23 @@ +{ ... }: + +{ + + networking.firewall.allowedUDPPorts = [ 53 ]; + networking.firewall.allowedTCPPorts = [ 53 ]; + + services.unbound = { + enable = true; + resolveLocalQueries = false; + settings = { + server = { + interface = [ "fd00:152:152::1" "10.152.0.1" ]; + access-control = [ "::/0 allow" "0.0.0.0/0 allow" ]; + prefer-ip6 = true; + prefetch = true; + serve-expired = true; + serve-expired-ttl-reset = true; + }; + }; + }; + +}