feat(ada): dnsproxy init

Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>
2026-05-29 00:06:25 +03:00 · 2026-05-29 00:06:25 +03:00 · d03a563188
commit d03a563188
parent f6a3e5e9d7
3 changed files with 63 additions and 52 deletions
--- a/ada/networking/nameservers.nix
+++ b/ada/networking/nameservers.nix
@ -1,29 +1,7 @@
 _: {
  networking = {
    nameservers = [
-      # cf dns
+      "127.0.0.53"
      "1.1.1.1"
      "1.0.0.1"
      "2606:4700:4700::1111"
      "2606:4700:4700::1001"
      # google dns
      "8.8.8.8"
      "8.8.4.4"
      "2001:4860:4860::8888"
      "2001:4860:4860::8844"
      # q9 dns
      "9.9.9.9"
      "149.112.112.112"
      "2620:fe::fe"
      "2620:fe::9"
      # open dns
      "208.67.222.222"
      "208.67.220.220"
      "2620:119:35::35"
      "2620:119:53::53"
    ];
  };
 }
--- a/ada/services/dnsproxy.nix
+++ b/ada/services/dnsproxy.nix
@ -0,0 +1,43 @@
 _: {
  services = {
    dnsproxy = {
      enable = true;
      settings = {
        listen-addrs = [
          "127.0.0.1"
          "::1"
        ];
        listen-ports = [
          5353
        ];
        http3 = true;
        cache = true;
        cache-size = 4096;
        all-servers = true;
        dnssec = true;
        bootstrap = [
          "1.1.1.1"
          "8.8.8.8"
          "9.9.9.9"
        ];
        upstream = [
          "https://1.1.1.1/dns-query?host=cloudflare-dns.com"
          "https://1.0.0.1/dns-query?host=cloudflare-dns.com"
          "https://8.8.8.8/dns-query?host=dns.google"
          "https://8.8.4.4/dns-query?host=dns.google"
          "https://9.9.9.9/dns-query?quad9.net"
          "https://149.112.112.112/dns-query?host=quad9.net"
          "https://208.67.222.222/dns-query?host=dns.google"
          "https://208.67.220.220/dns-query?host=dns.google"
        ];
      };
    };
  };
 }
--- a/ada/services/resolved.nix
+++ b/ada/services/resolved.nix
@ -2,38 +2,28 @@ _: {
  services = {
    resolved = {
      enable = true;
-      dnsovertls = "true";
+      settings = {
-      dnssec = "true";
+        Resolve = {
-      llmnr = "true";
+          DNSOverTLS = "false";
-      domains = [
+          DNSSEC = "false";
          LLMNR = "false";
          MulticastDNS = false;
          DNS = [
            "127.0.0.1:5353"
            "[::1]:5353"
          ];
          FallbackDNS = [
            "127.0.0.1:5353"
            "[::1]:5353"
          ];
          Domains = [
            "~."
          ];
-
+        };
-      fallbackDns = [
+      };
        # cf dns
        "1.1.1.1"
        "1.0.0.1"
        "2606:4700:4700::1111"
        "2606:4700:4700::1001"
        # google dns
        "8.8.8.8"
        "8.8.4.4"
        "2001:4860:4860::8888"
        "2001:4860:4860::8844"
        # q9 dns
        "9.9.9.9"
        "149.112.112.112"
        "2620:fe::fe"
        "2620:fe::9"
        # open dns
        "208.67.222.222"
        "208.67.220.220"
        "2620:119:35::35"
        "2620:119:53::53"
      ];
    };
  };
 }