From 7545d799ddb4d4cb79a51fda3ac95262bdc15d22 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Mon, 22 May 2017 17:28:19 +0200
Subject: il 2: move dnscrypt & dnsmasq to dns-stuff.nix

---
 lass/2configs/dns-stuff.nix | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 lass/2configs/dns-stuff.nix

(limited to 'lass/2configs/dns-stuff.nix')

diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix
new file mode 100644
index 000000000..b52d3050b
--- /dev/null
+++ b/lass/2configs/dns-stuff.nix
@@ -0,0 +1,31 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+{
+  services.dnscrypt-proxy = {
+    enable = true;
+    localAddress = "127.1.0.1";
+    resolverName = "cs-de";
+  };
+  services.dnsmasq = {
+    enable = true;
+    extraConfig = ''
+      server=127.1.0.1
+      server=/dn42/172.23.75.6
+      #no-resolv
+      cache-size=1000
+      min-cache-ttl=3600
+      bind-dynamic
+      all-servers
+      dnssec
+      trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
+      address=/blog/127.0.0.1
+      address=/blog/::1
+      rebind-domain-ok=/onion/
+      server=/.onion/127.0.0.1#9053
+      port=53
+    '';
+  };
+  networking.extraResolvconfConf = ''
+    name_servers='127.0.0.1'
+  '';
+}
-- 
cgit v1.2.3