2023-10-25

1 files changed, 12 insertions, 8 deletions

diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix
index bbf91ac..4d21fd2 100644
--- a/modules/nixos/unbound.nix
+++ b/modules/nixos/unbound.nix
@@ -94,6 +94,15 @@ in {
                   attr.domains)))
               my.configurations);
 
+              private-domain = map (domain: "${domain}.") [
+                cfg.domain
+                "local"
+              ];
+              private-address = with config.nixfiles.modules.wireguard; [
+                ipv4.subnet
+                ipv6.subnet
+              ];
+
               access-control = with config.nixfiles.modules.wireguard; [
                 "0.0.0.0/0 refuse"
                 "::/0 refuse"
@@ -103,12 +112,6 @@ in {
                 "${ipv6.subnet} allow"
               ];
 
-              private-domain = "${cfg.domain}.";
-              private-address = with config.nixfiles.modules.wireguard; [
-                ipv4.subnet
-                ipv6.subnet
-              ];
-
               cache-min-ttl = 0;
 
               serve-expired = true;
@@ -174,7 +177,7 @@ in {
                     name = "unbound-adblock-update";
                     runtimeInputs = [curl package];
                     text = ''
-                      curl \
+                      curl -s \
                         "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=unbound&showintro=0&mimetype=plaintext" \
                         >${adblock-conf}
 
@@ -191,7 +194,8 @@ in {
         timers.unbound-adblock-update = {
           requires = ["network-online.target"];
           timerConfig = {
-            OnUnitActiveSec = "1d";
+            OnCalendar = "daily";
+            Persistent = true;
             Unit = "unbound-adblock-update.service";
           };
           wantedBy = ["timers.target"];