diff options
Diffstat (limited to 'modules/nixos/unbound.nix')
-rw-r--r-- | modules/nixos/unbound.nix | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix index bbf91ac..4d21fd2 100644 --- a/modules/nixos/unbound.nix +++ b/modules/nixos/unbound.nix @@ -94,6 +94,15 @@ in { attr.domains))) my.configurations); + private-domain = map (domain: "${domain}.") [ + cfg.domain + "local" + ]; + private-address = with config.nixfiles.modules.wireguard; [ + ipv4.subnet + ipv6.subnet + ]; + access-control = with config.nixfiles.modules.wireguard; [ "0.0.0.0/0 refuse" "::/0 refuse" @@ -103,12 +112,6 @@ in { "${ipv6.subnet} allow" ]; - private-domain = "${cfg.domain}."; - private-address = with config.nixfiles.modules.wireguard; [ - ipv4.subnet - ipv6.subnet - ]; - cache-min-ttl = 0; serve-expired = true; @@ -174,7 +177,7 @@ in { name = "unbound-adblock-update"; runtimeInputs = [curl package]; text = '' - curl \ + curl -s \ "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=unbound&showintro=0&mimetype=plaintext" \ >${adblock-conf} @@ -191,7 +194,8 @@ in { timers.unbound-adblock-update = { requires = ["network-online.target"]; timerConfig = { - OnUnitActiveSec = "1d"; + OnCalendar = "daily"; + Persistent = true; Unit = "unbound-adblock-update.service"; }; wantedBy = ["timers.target"]; |