23 lines
546 B
Nix
23 lines
546 B
Nix
let
|
|
blocklist = builtins.fetchurl {
|
|
sha256 = "sha256:16xcx2z8ziv2fbqhr4ajayxblcs4i1ckrwnf50iina9asgia18za";
|
|
url =
|
|
"https://github.com/notracking/hosts-blocklists/raw/master/dnsmasq/dnsmasq.blacklist.txt";
|
|
};
|
|
in
|
|
{
|
|
networking.firewall.allowedTCPPorts = [ 53 ];
|
|
networking.firewall.allowedUDPPorts = [ 53 ];
|
|
|
|
services.dnsmasq = {
|
|
enable = true;
|
|
servers = [ "1.1.1.1" "8.8.8.8" "8.8.4.4" ];
|
|
extraConfig = ''
|
|
cache-size=10000
|
|
log-queries
|
|
local-ttl=300
|
|
|
|
conf-file=${blocklist}
|
|
'';
|
|
};
|
|
}
|