summary refs log tree commit diff
path: root/host/Rory-ovh/services/containers/shared.nix
diff options
context:
space:
mode:
Diffstat (limited to 'host/Rory-ovh/services/containers/shared.nix')
-rw-r--r--host/Rory-ovh/services/containers/shared.nix28
1 files changed, 27 insertions, 1 deletions
diff --git a/host/Rory-ovh/services/containers/shared.nix b/host/Rory-ovh/services/containers/shared.nix

index f267ff0..7bad188 100644 --- a/host/Rory-ovh/services/containers/shared.nix +++ b/host/Rory-ovh/services/containers/shared.nix
@@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, lib, config, ... }: { environment.systemPackages = with pkgs; [ neofetch @@ -14,4 +14,30 @@ jq dig ]; + + networking.resolvconf.enable = false; + networking.nameservers = [ + "1.1.1.1" + "1.0.0.1" + "8.8.8.8" + "8.4.4.8" + ]; + + environment.etc."resolv.conf" = lib.mkDefault { + text = lib.concatStringsSep "\n" ( + lib.optionals (config.networking ? nameservers) (map (nameserver: "nameserver ${nameserver}") (config.networking.nameservers)) + #++ lib.optionals (config.networking ? enableIPv6 && !config.networking.enableIPv6) [ "options no-aaaa" ] + ++ lib.optionals (config.networking ? enableIPv6 && config.networking.enableIPv6) [ + "options single-request" + "options single-request-reopen" + "options inet6" + ] + ); + }; + + services.resolved = { + enable = lib.mkForce false; + dnssec = lib.mkForce "false"; + dnsovertls = lib.mkForce "false"; + }; }