nixos-servers/services/ns/resolver.nix

{ pkgs, ... }: {
  networking.firewall.allowedTCPPorts = [
    53
  ];
  networking.firewall.allowedUDPPorts = [
    53
  ];
  services.unbound = {
    enable = true;

    settings = {
      server = {
        access-control = [
          "127.0.0.0/8 allow"
          "0.0.0.0/0 allow"
        ];
        local-zone = "home.2rjus.net nodefault";
        domain-insecure = "home.2rjus.net";
        interface = "0.0.0.0";
        do-not-query-localhost = "no";
        port = "53";
        do-ip4 = "yes";
        do-ip6 = "no";
        do-udp = "yes";
        do-tcp = "yes";
      };
      stub-zone = {
        name = "home.2rjus.net";
        stub-addr = "127.0.0.1@8053";
      };
      forward-zone = {
        name = ".";
        forward-tls-upstream = "yes";
        # forward-addr = "1.1.1.1@853#cloudflare-dns.com";
        forward-addr = [
          "1.1.1.1@853#cloudflare-dns.com"
          "1.0.0.1@853#cloudflare-dns.com"
          "8.8.8.8@853#dns.google"
          "8.8.4.4@853#dns.google"
        ];
      };
    };
  };
}
Improve ns stuff 2024-03-11 17:23:01 +00:00			`{ pkgs, ... }: {`
			`networking.firewall.allowedTCPPorts = [`
			`53`
			`];`
			`networking.firewall.allowedUDPPorts = [`
			`53`
			`];`
			`services.unbound = {`
			`enable = true;`

			`settings = {`
			`server = {`
			`access-control = [`
			`"127.0.0.0/8 allow"`
			`"0.0.0.0/0 allow"`
			`];`
Start changing ns stuff to home.2rjus.net 2024-03-12 18:44:41 +00:00			`local-zone = "home.2rjus.net nodefault";`
			`domain-insecure = "home.2rjus.net";`
Improve ns stuff 2024-03-11 17:23:01 +00:00			`interface = "0.0.0.0";`
			`do-not-query-localhost = "no";`
			`port = "53";`
			`do-ip4 = "yes";`
			`do-ip6 = "no";`
			`do-udp = "yes";`
			`do-tcp = "yes";`
			`};`
			`stub-zone = {`
Start changing ns stuff to home.2rjus.net 2024-03-12 18:44:41 +00:00			`name = "home.2rjus.net";`
Improve ns stuff 2024-03-11 17:23:01 +00:00			`stub-addr = "127.0.0.1@8053";`
			`};`
			`forward-zone = {`
			`name = ".";`
			`forward-tls-upstream = "yes";`
Add more dns servers to unbound 2024-06-27 19:19:11 +00:00			`# forward-addr = "1.1.1.1@853#cloudflare-dns.com";`
			`forward-addr = [`
			`"1.1.1.1@853#cloudflare-dns.com"`
			`"1.0.0.1@853#cloudflare-dns.com"`
			`"8.8.8.8@853#dns.google"`
			`"8.8.4.4@853#dns.google"`
			`];`
Improve ns stuff 2024-03-11 17:23:01 +00:00			`};`
			`};`
			`};`
			`}`