dns: setup dnssec (need to backup the required folders later)

Also it cleared out the spam of errors
This commit is contained in:
silver 2023-04-25 15:11:02 +01:00
parent c0f160faa3
commit 4052aeac6b

View file

@ -88,9 +88,9 @@ in {
''; '';
# piles of no valid RRSIG resolving 'com/DS/IN' errors # piles of no valid RRSIG resolving 'com/DS/IN' errors
#extraOptions = '' extraOptions = ''
# dnssec-validation auto; dnssec-validation yes;
#''; '';
# set the upstream dns servers # set the upstream dns servers
# overrides the default dns servers # overrides the default dns servers
@ -126,7 +126,12 @@ in {
*/ */
"skynet.ie" = { "skynet.ie" = {
extraConfig = "allow-update { key rfc2136key.skynet.ie.; };"; extraConfig = ''
allow-update { key rfc2136key.skynet.ie.; };
dnssec-policy default;
inline-signing yes;
'';
# really wish teh nixos config didnt use master/slave # really wish teh nixos config didnt use master/slave
master = true; master = true;
slaves = [ ]; slaves = [ ];