nixos-module/container/dnscache: tuning
This commit is contained in:
parent
e79bb4e297
commit
266fed1c13
|
@ -23,22 +23,17 @@ lib.mkIf config.site.hosts.${hostName}.services.dnscache.enable {
|
||||||
control-enable: yes
|
control-enable: yes
|
||||||
control-use-cert: no
|
control-use-cert: no
|
||||||
|
|
||||||
forward-zone:
|
|
||||||
name: "."
|
|
||||||
forward-tls-upstream: yes
|
|
||||||
# Quad9
|
|
||||||
forward-addr: 2620:fe::fe@853#dns.quad9.net
|
|
||||||
forward-addr: 9.9.9.9@853#dns.quad9.net
|
|
||||||
forward-addr: 2620:fe::9@853#dns.quad9.net
|
|
||||||
forward-addr: 149.112.112.112@853#dns.quad9.net
|
|
||||||
# Cloudflare DNS
|
|
||||||
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
|
|
||||||
forward-addr: 1.1.1.1@853#cloudflare-dns.com
|
|
||||||
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
|
|
||||||
forward-addr: 1.0.0.1@853#cloudflare-dns.com
|
|
||||||
|
|
||||||
server:
|
server:
|
||||||
|
num-threads: 4
|
||||||
|
verbosity: 1
|
||||||
|
prefetch: yes
|
||||||
|
serve-expired: yes
|
||||||
|
cache-min-ttl: 60
|
||||||
|
cache-max-ttl: 3600
|
||||||
|
|
||||||
|
# For DNS over TLS
|
||||||
tls-cert-bundle: ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt
|
tls-cert-bundle: ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt
|
||||||
|
|
||||||
# allow reverse lookup of rfc1918 space, which includes the DN42 address space
|
# allow reverse lookup of rfc1918 space, which includes the DN42 address space
|
||||||
unblock-lan-zones: yes
|
unblock-lan-zones: yes
|
||||||
insecure-lan-zones: yes
|
insecure-lan-zones: yes
|
||||||
|
@ -62,6 +57,20 @@ lib.mkIf config.site.hosts.${hostName}.services.dnscache.enable {
|
||||||
local-zone: "200.10.in-addr.arpa." nodefault
|
local-zone: "200.10.in-addr.arpa." nodefault
|
||||||
local-zone: "201.10.in-addr.arpa." nodefault
|
local-zone: "201.10.in-addr.arpa." nodefault
|
||||||
|
|
||||||
|
forward-zone:
|
||||||
|
name: "."
|
||||||
|
forward-tls-upstream: yes
|
||||||
|
# Quad9
|
||||||
|
forward-addr: 2620:fe::fe@853#dns.quad9.net
|
||||||
|
forward-addr: 9.9.9.9@853#dns.quad9.net
|
||||||
|
forward-addr: 2620:fe::9@853#dns.quad9.net
|
||||||
|
forward-addr: 149.112.112.112@853#dns.quad9.net
|
||||||
|
# Cloudflare DNS
|
||||||
|
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
|
||||||
|
forward-addr: 1.1.1.1@853#cloudflare-dns.com
|
||||||
|
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
|
||||||
|
forward-addr: 1.0.0.1@853#cloudflare-dns.com
|
||||||
|
|
||||||
# Local networks
|
# Local networks
|
||||||
|
|
||||||
forward-zone:
|
forward-zone:
|
||||||
|
|
Loading…
Reference in New Issue