anonymous dns module
This commit is contained in:
parent
3afeaa8934
commit
9ee0b504b1
@ -7,8 +7,6 @@
|
||||
};
|
||||
|
||||
networking = {
|
||||
nameservers = [ "127.0.0.1" "::1" ];
|
||||
dhcpcd.extraConfig = "nohook resolv.conf";
|
||||
firewall = pkgs.lib.mkForce {
|
||||
enable = true;
|
||||
allowedTCPPorts = [
|
||||
@ -62,31 +60,6 @@
|
||||
PermitRootLogin = "prohibit-password";
|
||||
};
|
||||
};
|
||||
dnscrypt-proxy2 = {
|
||||
enable = true;
|
||||
settings = {
|
||||
cache = false;
|
||||
ipv4_servers = true;
|
||||
ipv6_servers = true;
|
||||
dnscrypt_servers = true;
|
||||
doh_servers = false;
|
||||
odoh_servers = false;
|
||||
require_dnssec = true;
|
||||
require_nolog = true;
|
||||
require_nofilter = true;
|
||||
anonymized_dns = {
|
||||
routes = [{ server_name = "*"; via = [ "sdns://gQ8yMTcuMTM4LjIyMC4yNDM" ]; }];
|
||||
};
|
||||
sources.public-resolvers = {
|
||||
urls = [
|
||||
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
|
||||
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
|
||||
];
|
||||
cache_file = "/var/lib/dnscrypt-proxy/public-resolvers.md";
|
||||
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
systemd = {
|
||||
timers = {
|
||||
|
@ -22,7 +22,7 @@ in
|
||||
nova-nonya = novaConfig (with mods; [ ivand anon cryptocurrency ]);
|
||||
nova-ai = novaConfig (with mods; [ ivand ai ]);
|
||||
install-iso = configWithModules { modules = (with mods; [ grub base shell wireless ]); };
|
||||
vps = configWithModules { modules = (with mods; [ base shell security vps mailserver nginx wireguard-output ]); };
|
||||
vps = configWithModules { modules = (with mods; [ base shell security vps mailserver nginx wireguard-output anonymous-dns ]); };
|
||||
stara-miner = configWithModules { modules = (essential ++ [ mods.monero-miner ]); };
|
||||
};
|
||||
}
|
||||
|
@ -451,5 +451,38 @@ top@{ inputs, moduleWithSystem, ... }: {
|
||||
};
|
||||
};
|
||||
});
|
||||
anonymous-dns = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: {
|
||||
networking = {
|
||||
nameservers = [ "127.0.0.1" "::1" ];
|
||||
dhcpcd.extraConfig = "nohook resolv.conf";
|
||||
};
|
||||
services = {
|
||||
dnscrypt-proxy2 = {
|
||||
enable = true;
|
||||
settings = {
|
||||
cache = false;
|
||||
ipv4_servers = true;
|
||||
ipv6_servers = true;
|
||||
dnscrypt_servers = true;
|
||||
doh_servers = false;
|
||||
odoh_servers = false;
|
||||
require_dnssec = true;
|
||||
require_nolog = true;
|
||||
require_nofilter = true;
|
||||
anonymized_dns = {
|
||||
routes = [{ server_name = "*"; via = [ "sdns://gQ8yMTcuMTM4LjIyMC4yNDM" ]; }];
|
||||
};
|
||||
sources.public-resolvers = {
|
||||
urls = [
|
||||
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
|
||||
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
|
||||
];
|
||||
cache_file = "/var/lib/dnscrypt-proxy/public-resolvers.md";
|
||||
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
});
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user