Skip to content

Commit

Permalink
feat(dns): enable and configure resolved
Browse files Browse the repository at this point in the history
  • Loading branch information
@workflow
workflow committed Jul 23, 2024
1 parent 1deb09e commit 19c07fc
Showing 1 changed file with 10 additions and 10 deletions.
20 changes: 10 additions & 10 deletions system/networking.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,6 @@
logReversePathDrops = true;
};

networking.extraHosts = ''
'';

# Tailscale
services.tailscale.enable = true;
services.tailscale.useRoutingFeatures = "client";
Expand All @@ -26,14 +23,18 @@

networking.networkmanager = {
enable = true;
plugins = [pkgs.networkmanager-l2tp];
dns = "none"; # Make sure networkmanager doesn't override our DNS settings
dns = "systemd-resolved"; # Make sure networkmanager doesn't override our DNS settings
};

# DNS Config
networking.nameservers = [
"127.0.0.1"
"1.1.1.1"
];
services.resolved = {
enable = true;
dnsovertls = true;
fallbackDns = []; # Ensure we always go through dnscrypt-proxy
};

# Prevent IPv6 leaks when using VPNs
networking.enableIPv6 = false;
Expand Down Expand Up @@ -68,6 +69,9 @@
# server_names = [ ... ];
};
};
systemd.services.dnscrypt-proxy2.serviceConfig = {
StateDirectory = "dnscrypt-proxy";
};

# MacGyver
systemd.services.macgyver = {
Expand All @@ -84,10 +88,6 @@
};
};

systemd.services.dnscrypt-proxy2.serviceConfig = {
StateDirectory = "dnscrypt-proxy";
};

programs.wireshark.enable = true;
users.users.farlion.extraGroups = ["wireshark"];
}

0 comments on commit 19c07fc

Please sign in to comment.