Feat: Add Unbound DNS resolver

2025-11-05 13:36:42 +01:00 · 2025-11-05 13:36:42 +01:00 · f9c1d9a027
commit f9c1d9a027
parent 2eddbf32a4
1 changed files with 42 additions and 22 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -121,6 +121,26 @@
  ];
  # networking.firewall.allowedUDPPorts = [ ... ];

+  services.unbound = {
+    enable = true;
+    settings = {
+      server = {
+        interface = [
+          "127.0.0.1"
+          "172.17.0.1"
+        ]; # 172.17.0.1 is docker container network mask
+        verbosity = 1;
+        access-control = [
+          "127.0.0.0/8 allow"
+          "172.17.0.1/16 allow"
+          "192.168.0.0/16 allow"
+        ];
+      };
+    };
+    resolveLocalQueries = true;
+  };
+  services.resolved.enable = false;
+
  # Garbage collection to remove old NixOs iterations
  nix.gc = {
    automatic = true;