all repos — nixfiles @ 6df345e70bd0c6180bc1711e0f4b7ab3fb564f25

System and user configuration, managed by nix and home-manager

Update dns server block lists

Alan Pearce
commit

6df345e70bd0c6180bc1711e0f4b7ab3fb564f25

parent

3f4828bd28af16177d2157ecd6c989a989f0b672

2 files changed, 10 insertions(+), 0 deletions(-)

jump to
M system/linde.nixsystem/linde.nix
@@ -431,6 +431,11 @@ false -- needs wrapped kresd
-- true -- will watch the file for updates )) + policy.add(policy.domains(policy.REFUSE, policy.todnames({ + 'use-application-dns.net', + 'telemetry.astro.build', + }))) + -- disable DNSSEC when using Quad9 since they do it -- trust_anchors.remove('.') -- policy.add(policy.all(policy.TLS_FORWARD({
M system/nanopi.nixsystem/nanopi.nix
@@ -850,6 +850,11 @@ {'2620:fe::11', hostname='dns11.quad9.net'},
{'2620:fe::fe:11', hostname='dns11.quad9.net'} }))) + policy.add(policy.domains(policy.REFUSE, policy.todnames({ + 'use-application-dns.net', + 'telemetry.astro.build', + }))) + -- policy.add(policy.rpz( -- policy.DENY_MSG('domain blocked by hblock'), -- '/etc/knot-resolver/blocklist.rpz',