[Network] Force DNS to be Cloudflare

2026-04-05 17:27:50 +00:00 · 2022-06-09 01:18:21 +02:00 · 2022-06-09 01:18:21 +02:00 · c8552eb989
commit c8552eb989
parent 9615339fb2
1 changed files with 10 additions and 1 deletions
--- a/network.nix
+++ b/network.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ config, pkgs, lib, myLib, ... }:
 with lib;
 let
  cfg = config.aviallon.network;
@ -36,6 +36,15 @@ in
      enable = (cfg.dns == "systemd-resolved");
      llmnr = mkForce "false"; # https://www.blackhillsinfosec.com/how-to-disable-llmnr-why-you-want-to/
      dnssec = "false"; # Causes issues with masquerading DNS
+      extraConfig = myLib.config.toSystemd {
+        "DNS" = [
+          # cloudflare-dns.com
+          "1.1.1.1"
+          "2606:4700:4700::1111"
+          "1.0.0.1"
+          "2606:4700:4700::1001"
+        ];
+      };
    };

    services.unbound.enable = (cfg.dns == "unbound");