hyl.st / helm
this repo has no description
2
fork

Configure Feed

Select the types of activity you want to include in your feed.

working split dns

Anish Lakhwara 9723f79d 03b1edc9

+12 -7
+12 -7
hosts/profiles/dns/default.nix
··· 44 44 settings = { 45 45 server = { 46 46 include = "${adblockLocalZones}"; 47 + prefetch = "yes"; 48 + # private-address = "10.0.69.0/8"; 49 + # private-address = "192.168.1.0/24"; 50 + cache-min-ttl = 0; 51 + serve-expired = "yes"; 47 52 interface = [ "0.0.0.0" ]; 48 - access-control = [ "127.0.0.0/24 allow" "192.168.0.0/24 allow" "10.0.69.0/24 allow" ]; 53 + access-control = [ "127.0.0.0/8 allow" "192.168.1.0/24 allow" "10.0.69.0/24 allow" ]; 49 54 access-control-view = "10.0.69.0/24 wireguard"; 55 + # so-reuseport = "yes"; 56 + tls-upstream = "yes"; 57 + domain-insecure = "mossnet.lan"; 50 58 local-zone = ''"mossnet.lan." redirect''; 51 59 local-data = ''"mossnet.lan. IN A ${mossnet}"''; 52 60 }; 53 61 forward-zone = [{ 54 62 name = "."; 55 - forward-addr = [ "45.90.30.49" "45.90.28.49" "1.1.1.1" "8.8.8.8" ]; 63 + forward-addr = [ "45.90.28.0#6939b9.dns.nextdns.io" "1.1.1.1@853#cloudflare-dns.com" ]; 64 + # non-tls 65 + # forward-addr = ["45.90.30.49" "45.90.28.49" "1.1.1.1" "8.8.8.8"] 56 66 }]; 57 67 view = { 58 68 name = "wireguard"; 59 69 local-zone = ''"mossnet.lan." redirect''; 60 70 local-data = ''"mossnet.lan. IN A ${wg-mossnet}"''; 61 71 }; 62 - do-not-query-localhost = "no"; 63 - # Eventually we'll add DNSSEC / DoT 64 - # so-reuseport: yes 65 - # tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt 66 - # tls-upstream: yes 67 72 }; 68 73 }; 69 74