Skynet/nixos
6
1
Fork 0
Code Issues 43 Pull requests 1 Projects Releases Packages Wiki Activity Actions

dns: setup dnssec (need to backup the required folders later)

Browse source 
Also it cleared out the spam of errors
This commit is contained in:
silver 2023-04-25 15:11:02 +01:00
parent c0f160faa3
commit 4052aeac6b
1 changed files with 9 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
applications/dns.nix
View file

@ -88,9 +88,9 @@ in {
'';
# piles of no valid RRSIG resolving 'com/DS/IN' errors
#extraOptions = ''
# dnssec-validation auto;
#'';
extraOptions = ''
dnssec-validation yes;
'';
# set the upstream dns servers
# overrides the default dns servers
@ -126,7 +126,12 @@ in {
*/
"skynet.ie" = {
extraConfig = "allow-update { key rfc2136key.skynet.ie.; };";
extraConfig = ''
allow-update { key rfc2136key.skynet.ie.; };
dnssec-policy default;
inline-signing yes;
'';
# really wish teh nixos config didnt use master/slave
master = true;
slaves = [ ];