34 lines
691 B
Nix
34 lines
691 B
Nix
{ ... }:
|
|
{
|
|
sops.secrets.ns_xfer_key = {
|
|
path = "/etc/nsd/xfer.key";
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 8053 ];
|
|
networking.firewall.allowedUDPPorts = [ 8053 ];
|
|
|
|
services.nsd = {
|
|
enable = true;
|
|
port = 8053;
|
|
ipv6 = false;
|
|
verbosity = 2;
|
|
identity = "home.2rjus.net server";
|
|
interfaces = [ "0.0.0.0" ];
|
|
|
|
keys = {
|
|
"xferkey" = {
|
|
algorithm = "hmac-sha256";
|
|
keyFile = "/etc/nsd/xfer.key";
|
|
};
|
|
};
|
|
|
|
zones = {
|
|
"home.2rjus.net" = {
|
|
provideXFR = [ "10.69.13.8 xferkey" ];
|
|
notify = [ "10.69.13.8@8053 xferkey" ];
|
|
data = builtins.readFile ./zones-home-2rjus-net.conf;
|
|
};
|
|
};
|
|
};
|
|
}
|