authorAlan Pearce2020-09-10 15:00:31 +0200
committerAlan Pearce2020-09-10 15:01:10 +0200
commit1f7dd7ec5b9fb18a9a42138de3677b03ad9da387 (patch)
tree1ff1b7d1c860c361434d77a3fad9bf0eafab06a4 /system
parent56a7dc354602d54324a9cda7ce9121d53beaa05e (diff)
nextdns: support local DNS lookups (based on common router IPs)
Diffstat (limited to 'system')
-rw-r--r--system/modules/nextdns.nix9
1 files changed, 9 insertions, 0 deletions
diff --git a/system/modules/nextdns.nix b/system/modules/nextdns.nix
index ae7f6852..fabfb7cc 100644
--- a/system/modules/nextdns.nix
+++ b/system/modules/nextdns.nix
@@ -13,7 +13,16 @@ let
     enable = true;
     extraConfig = ''
       modules = { 'hints > iterate' }
+      localTrees = policy.todnames({
+        'lan.',
+        'home.',
+        '10.in-addr.arpa.',
+        '172.in-addr.arpa.',
+        '192.in-addr.arpa.'
+      })
       hints.add_hosts()
+      policy.add(policy.suffix(policy.FLAGS({'NO_CACHE'}), localTrees))
+      policy.add(policy.suffix(policy.STUB({ '192.168.0.1', '192.168.1.1', '172.30.42.1', '10.0.0.1' }), localTrees))
       policy.add(policy.all(policy.TLS_FORWARD({
         {'45.90.28.0', hostname='${identifyingPrefix}${cfg.configID}.dns1.nextdns.io'},
         {'2a07:a8c0::', hostname='${identifyingPrefix}${cfg.configID}.dns1.nextdns.io'},
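Review bot: The reverse-zone entries `'172.in-addr.arpa.'` and `'192.in-addr.arpa.'` in `localTrees` cover all of 172.0.0.0/8 and 192.0.0.0/8, not only the private ranges, so PTR lookups for public addresses there also match the two new suffix rules and go to the stub addresses instead of the TLS forwarder below. Because `policy.STUB` sends plain DNS without DNSSEC validation to whichever host holds one of those gateway addresses on the current network, the matched set should be as small as possible: `'168.192.in-addr.arpa.'` for 192.168.0.0/16, and the `'16.172.in-addr.arpa.'` to `'31.172.in-addr.arpa.'` zones for 172.16.0.0/12 (or only `'30.172.in-addr.arpa.'`, if 172.30.42.1 is the only 172.x network meant). A short comment above the STUB line saying that these answers are unauthenticated would help later readers. The `extraConfig` string and the `TLS_FORWARD` list both continue outside the hunk.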