s0me1newithhand7s/reNixos
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat(ada): dnsproxy init

Browse source 
Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>
This commit is contained in:
s0me1newithhand7s 2026-05-29 00:06:25 +03:00
parent f6a3e5e9d7
commit d03a563188
3 changed files with 63 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

43
ada/services/dnsproxy.nix Normal file
View file

@ -0,0 +1,43 @@
_: {
services = {
dnsproxy = {
enable = true;
settings = {
listen-addrs = [
"127.0.0.1"
"::1"
];
listen-ports = [
5353
];
http3 = true;
cache = true;
cache-size = 4096;
all-servers = true;
dnssec = true;
bootstrap = [
"1.1.1.1"
"8.8.8.8"
"9.9.9.9"
];
upstream = [
"https://1.1.1.1/dns-query?host=cloudflare-dns.com"
"https://1.0.0.1/dns-query?host=cloudflare-dns.com"
"https://8.8.8.8/dns-query?host=dns.google"
"https://8.8.4.4/dns-query?host=dns.google"
"https://9.9.9.9/dns-query?quad9.net"
"https://149.112.112.112/dns-query?host=quad9.net"
"https://208.67.222.222/dns-query?host=dns.google"
"https://208.67.220.220/dns-query?host=dns.google"
];
};
};
};
}

48
ada/services/resolved.nix
View file

@ -2,38 +2,28 @@ _: {
services = {
resolved = {
enable = true;
dnsovertls = "true";
dnssec = "true";
llmnr = "true";
domains = [
"~."
];
settings = {
Resolve = {
DNSOverTLS = "false";
DNSSEC = "false";
LLMNR = "false";
MulticastDNS = false;
fallbackDns = [
# cf dns
"1.1.1.1"
"1.0.0.1"
"2606:4700:4700::1111"
"2606:4700:4700::1001"
DNS = [
"127.0.0.1:5353"
"[::1]:5353"
];
# google dns
"8.8.8.8"
"8.8.4.4"
"2001:4860:4860::8888"
"2001:4860:4860::8844"
FallbackDNS = [
"127.0.0.1:5353"
"[::1]:5353"
];
# q9 dns
"9.9.9.9"
"149.112.112.112"
"2620:fe::fe"
"2620:fe::9"
# open dns
"208.67.222.222"
"208.67.220.220"
"2620:119:35::35"
"2620:119:53::53"
];
Domains = [
"~."
];
};
};
};
};
}