nixos-config/2configs/dnscrypt/client.nix

20 lines
549 B
Nix

{ config, ... }:
let
customResolver = {
# TODO: put this somewhere else
address = config.krebs.hosts.gum.nets.internet.ip4.addr;
port = 15251;
name = "2.dnscrypt-cert.euer.krebsco.de";
# dnscrypt-wrapper --show-provider-publickey --provider-publickey-file public.key
key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C";
};
in {
services.dnscrypt-proxy = {
enable = true;
inherit customResolver;
};
networking.extraResolvconfConf = ''
name_servers='127.0.0.1'
'';
}