diff options
| author | Alan Pearce | 2024-05-12 00:33:24 +0200 |
|---|---|---|
| committer | Alan Pearce | 2024-05-12 00:33:24 +0200 |
| commit | db6630b0ea195ae26ea42ab58df44f7367a24adb (patch) | |
| tree | 63aa7897ad0f3e23b966db12fee5cfbaa9a7c0cf /system | |
| parent | 9fd6c4a4d3ec4f0e4e11b7b3faa0dfbeb6d02705 (diff) | |
| download | nixfiles-db6630b0ea195ae26ea42ab58df44f7367a24adb.tar.lz nixfiles-db6630b0ea195ae26ea42ab58df44f7367a24adb.tar.zst nixfiles-db6630b0ea195ae26ea42ab58df44f7367a24adb.zip | |
nanopi: disable DoH server (no public IPv4 address)
Diffstat (limited to 'system')
| -rwxr-xr-x | system/nanopi.nix | 19 |
1 files changed, 1 insertions, 18 deletions
diff --git a/system/nanopi.nix b/system/nanopi.nix index 070d4d43..9fc41095 100755 --- a/system/nanopi.nix +++ b/system/nanopi.nix @@ -768,18 +768,6 @@ in interface = "bridge0"; }; - security.acme = { - acceptTerms = true; - defaults.email = "tls@alanpearce.eu"; - certs."dns.alanpearce.eu" = { - reloadServices = map (x: "kresd@${toString x}") (lib.range 1 config.services.kresd.instances); - dnsProvider = "pdns"; - dnsResolver = "1.1.1.1:53"; - credentialsFile = config.age.secrets.acme.path; - group = "knot-resolver"; - }; - }; - services.smartdns = { enable = false; bindPort = "5533"; @@ -808,13 +796,8 @@ in instances = 4; listenPlain = [ "[::1]:5553" ]; # listenTLS = [ "853" ]; - listenDoH = [ "[::1]:5443" ]; + # listenDoH = [ "[::1]:5443" ]; extraConfig = '' - net.tls( - '/var/lib/acme/dns.alanpearce.eu/cert.pem', - '/var/lib/acme/dns.alanpearce.eu/key.pem' - ) - -- Load useful modules modules = { 'serve_stale < cache', |