diff options
| author | Tim Keller <tjk@tjkeller.xyz> | 2025-12-30 23:38:51 -0600 |
|---|---|---|
| committer | Tim Keller <tjk@tjkeller.xyz> | 2025-12-30 23:38:51 -0600 |
| commit | d4db2f41db471ee25a03d9cdae37f55301b98f22 (patch) | |
| tree | f83cef60d485837f490b9ede4fec7e18055b9bd8 /archetypes/profiles/router/default.nix | |
| parent | 39180d50fd978a3a2106ce1d060e847e14eae38f (diff) | |
| download | nixos-d4db2f41db471ee25a03d9cdae37f55301b98f22.tar.xz nixos-d4db2f41db471ee25a03d9cdae37f55301b98f22.zip | |
unbound config in router profile is now services/router/dns.nix. unbound + dnsmasq config for local resolution and dhcp
Diffstat (limited to 'archetypes/profiles/router/default.nix')
| -rw-r--r-- | archetypes/profiles/router/default.nix | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/archetypes/profiles/router/default.nix b/archetypes/profiles/router/default.nix index 0818a6b..646982b 100644 --- a/archetypes/profiles/router/default.nix +++ b/archetypes/profiles/router/default.nix @@ -1,12 +1,28 @@ { lib, pkgs, ... }: let mkRouter = lib.mkOverride 800; - # TODO pass mkRouter - #imports = [ - # ./unbound.nix - #]; - - nixosConfig = {}; + nixosConfig = { + services.unbound = { + _blocklists = { + enable = true; + blocklists = { + hageziNSFW = [ + "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/rpz/nsfw.txt" + "https://gitlab.com/hagezi/mirror/-/raw/main/dns-blocklists/rpz/nsfw.txt" + "https://codeberg.org/hagezi/mirror2/raw/branch/main/dns-blocklists/rpz/nsfw.txt" + ]; + hageziPro = [ + "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/rpz/pro.txt" + "https://gitlab.com/hagezi/mirror/-/raw/main/dns-blocklists/rpz/pro.txt" + "https://codeberg.org/hagezi/mirror2/raw/branch/main/dns-blocklists/rpz/pro.txt" + ]; + }; + }; + }; + services._router.dnsDhcpConfig = { + enable = mkRouter true; + }; + }; homeConfig = {}; in { |