WIP: move nixos modules

2023-05-14 23:40:45 +02:00 · 2023-05-14 23:40:45 +02:00 · 2a5983344d
commit 2a5983344d
parent d725c3b788
29 changed files with 65 additions and 115 deletions
--- a/modules/nixos/dnsmasq.nix
+++ b/modules/nixos/dnsmasq.nix
@ -0,0 +1,23 @@
+let
+  blocklist = builtins.fetchurl {
+    sha256 = "sha256:16xcx2z8ziv2fbqhr4ajayxblcs4i1ckrwnf50iina9asgia18za";
+    url =
+      "https://github.com/notracking/hosts-blocklists/raw/master/dnsmasq/dnsmasq.blacklist.txt";
+  };
+in
+{
+  networking.firewall.allowedTCPPorts = [ 53 ];
+  networking.firewall.allowedUDPPorts = [ 53 ];
+
+  services.dnsmasq = {
+    enable = true;
+    servers = [ "1.1.1.1" "8.8.8.8" "8.8.4.4" ];
+    extraConfig = ''
+      cache-size=10000
+      log-queries
+      local-ttl=300
+
+      conf-file=${blocklist}
+    '';
+  };
+}