From 800b426b71e64556be79c1915540f24dab72209e Mon Sep 17 00:00:00 2001 From: azahi Date: Tue, 22 Oct 2024 01:50:45 +0300 Subject: 2024-10-22 --- lib/dns.nix | 92 +++++++++++++++++++++++++++++++++++++------------------------ 1 file changed, 56 insertions(+), 36 deletions(-) (limited to 'lib/dns.nix') diff --git a/lib/dns.nix b/lib/dns.nix index da1f1f2..c0e4641 100644 --- a/lib/dns.nix +++ b/lib/dns.nix @@ -1,46 +1,66 @@ { lib, inputs, ... }: with lib; recursiveUpdate inputs.dns.lib { + mkDoT = { ips, tls }: map (ip: "${ip}#${tls}") ips; + const = { quad9 = { - default = [ - "9.9.9.9" - "149.112.112.112" - "2620:fe::fe" - "2620:fe::9" - ]; - unsecured = [ - "9.9.9.10" - "149.112.112.10" - "2620:fe::10" - "2620:fe::fe:10" - ]; - ecs = [ - "9.9.9.11" - "149.112.112.11" - "2620:fe::11" - "2620:fe::fe:11" - ]; + default = { + ips = [ + "9.9.9.9" + "149.112.112.112" + "2620:fe::fe" + "2620:fe::9" + ]; + tls = "dns.quad9.net"; + }; + unsecured = { + ips = [ + "9.9.9.10" + "149.112.112.10" + "2620:fe::10" + "2620:fe::fe:10" + ]; + tls = "dns10.quad9.net"; + }; + ecs = { + ips = [ + "9.9.9.11" + "149.112.112.11" + "2620:fe::11" + "2620:fe::fe:11" + ]; + tls = "dns11.quad9.net"; + }; }; cloudflare = { - default = [ - "1.1.1.1" - "1.0.0.1" - "2606:4700:4700::1111" - "2606:4700:4700::1001" - ]; - blocking = [ - "1.1.1.2" - "1.0.0.2" - "2606:4700:4700::1112" - "2606:4700:4700::1002" - ]; - blockingPlus = [ - "1.1.1.3" - "1.0.0.3" - "2606:4700:4700::1113" - "2606:4700:4700::1003" - ]; + default = { + ips = [ + "1.1.1.1" + "1.0.0.1" + "2606:4700:4700::1111" + "2606:4700:4700::1001" + ]; + tls = "cloudflare-dns.com"; + }; + security = { + ips = [ + "1.1.1.2" + "1.0.0.2" + "2606:4700:4700::1112" + "2606:4700:4700::1002" + ]; + tls = "security.cloudflare-dns.com"; + }; + family = { + ips = [ + "1.1.1.3" + "1.0.0.3" + "2606:4700:4700::1113" + "2606:4700:4700::1003" + ]; + tls = "family.cloudflare-dns.com"; + }; }; }; } -- cgit 1.4.1