il 2: move dnscrypt & dnsmasq to dns-stuff.nix

author: lassulus <lass@lassul.us> 2017-05-22 17:28:19 +0200
committer: lassulus <lass@lassul.us> 2017-05-22 17:28:19 +0200
commit: 7545d799ddb4d4cb79a51fda3ac95262bdc15d22 (patch)
tree: 011143acd6a12fb96b7725311a91a188796c445c /lass
parent: fee2fa19585403a568242f3bdd870477b9cf97e7 (diff)
3 files changed, 32 insertions, 9 deletions
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 65dc6b6e..3e2e325d 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -10,6 +10,7 @@ in {
     ./copyq.nix
     ./xresources.nix
     ./livestream.nix
+    ./dns-stuff.nix
     {
       hardware.pulseaudio = {
         enable = true;
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index ffed5bb7..d7deb316 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -63,15 +63,6 @@ with import <stockholm/lib>;
         pkgs.pythonPackages.python
       ];
     }
-    {
-      services.dnscrypt-proxy = {
-        enable = true;
-        resolverName = "cs-de";
-      };
-      networking.extraResolvconfConf = ''
-        name_servers='127.0.0.1'
-      '';
-    }
   ];
 
   networking.hostName = config.krebs.build.host.name;
diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix
new file mode 100644
index 00000000..b52d3050
--- /dev/null
+++ b/lass/2configs/dns-stuff.nix
@@ -0,0 +1,31 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+{
+  services.dnscrypt-proxy = {
+    enable = true;
+    localAddress = "127.1.0.1";
+    resolverName = "cs-de";
+  };
+  services.dnsmasq = {
+    enable = true;
+    extraConfig = ''
+      server=127.1.0.1
+      server=/dn42/172.23.75.6
+      #no-resolv
+      cache-size=1000
+      min-cache-ttl=3600
+      bind-dynamic
+      all-servers
+      dnssec
+      trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
+      address=/blog/127.0.0.1
+      address=/blog/::1
+      rebind-domain-ok=/onion/
+      server=/.onion/127.0.0.1#9053
+      port=53
+    '';
+  };
+  networking.extraResolvconfConf = ''
+    name_servers='127.0.0.1'
+  '';
+}
author	lassulus <lass@lassul.us>	2017-05-22 17:28:19 +0200
committer	lassulus <lass@lassul.us>	2017-05-22 17:28:19 +0200
commit	7545d799ddb4d4cb79a51fda3ac95262bdc15d22 (patch)
tree	011143acd6a12fb96b7725311a91a188796c445c /lass
parent	fee2fa19585403a568242f3bdd870477b9cf97e7 (diff)