diff options
author | tzlil <tzlils@protonmail.com> | 2022-12-13 15:21:30 +0200 |
---|---|---|
committer | tzlil <tzlils@protonmail.com> | 2022-12-13 15:21:30 +0200 |
commit | f51f8e398fffe33dcbb4b9f9db95708e7a3dde82 (patch) | |
tree | 08a9c853a29b01c53be526aecc8d2505f5086af5 /profiles/network.nix | |
parent | 24637dfdfdd6dc8d116542f16a07d808c9e43c36 (diff) |
stuff
Diffstat (limited to 'profiles/network.nix')
-rw-r--r-- | profiles/network.nix | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/profiles/network.nix b/profiles/network.nix index 5aee7a1..8e6a83d 100644 --- a/profiles/network.nix +++ b/profiles/network.nix @@ -15,5 +15,29 @@ nameservers = ["127.0.0.1" "::1"]; networkmanager.dns = "none"; }; + + services.dnscrypt-proxy2 = { + enable = true; + settings = { + ipv6_servers = true; + require_dnssec = true; + + sources.public-resolvers = { + urls = [ + "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md" + "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md" + ]; + cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md"; + minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; + }; + + # You can choose a specific set of servers from https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/public-resolvers.md + # server_names = [ ... ]; + }; + }; + + systemd.services.dnscrypt-proxy2.serviceConfig = { + StateDirectory = "dnscrypt-proxy"; + }; }; } \ No newline at end of file |