all repos — nixfiles @ 0850509b98ea91c8d63f219e52be4a7fe2a39987

System and user configuration, managed by nix and home-manager

system/settings/hardware/network-manager.nix (view raw)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
{ config, lib, pkgs, ... }:

let
  nextdnsConfig = "abd6e5";
  hostname = config.networking.hostName;
in
{
  networking = {
    networkmanager = {
      enable = true;
      dns = lib.mkForce "none";
    };
    resolvconf = {
      useLocalResolver = true;
    };
  };

  services.kresd = {
    enable = true;
    extraConfig = ''
      cache.size = 100*MB
      cache.min_ttl(3 * 3600)

      policy.add(policy.all(policy.TLS_FORWARD({
        {'45.90.28.0', hostname='${hostname}-${nextdnsConfig}.dns1.nextdns.io'},
        {'2a07:a8c0::', hostname='${hostname}-${nextdnsConfig}.dns1.nextdns.io'},
        {'45.90.30.0', hostname='${hostname}-${nextdnsConfig}.dns2.nextdns.io'},
        {'2a07:a8c1::', hostname='${hostname}-${nextdnsConfig}.dns2.nextdns.io'}
      })))
    '';
  };
  environment.systemPackages = with pkgs; [
    networkmanagerapplet
    networkmanager_dmenu
  ];
}