From a1facf530f8ca610e25781d1ef1e07f174550942 Mon Sep 17 00:00:00 2001
From: Simon Bruder <simon@sbruder.de>
Date: Sun, 25 Jul 2021 23:07:41 +0200
Subject: [PATCH] fuuko: Use plain DNS again

DNS over HTTPS often is unreliable in practice (did not empirically test
this).
---
 machines/fuuko/services/dnsmasq.nix | 17 +----------------
 1 file changed, 1 insertion(+), 16 deletions(-)

diff --git a/machines/fuuko/services/dnsmasq.nix b/machines/fuuko/services/dnsmasq.nix
index d7b6361..e8068b2 100644
--- a/machines/fuuko/services/dnsmasq.nix
+++ b/machines/fuuko/services/dnsmasq.nix
@@ -19,8 +19,7 @@
       dhcp-option=option:router,192.168.100.1
     '';
     servers = [
-      "127.0.0.1#5353"
-      "::1#5353"
+      "194.150.168.168" # dns.as250.net
     ];
   };
 
@@ -36,20 +35,6 @@
     leasesPath = "/var/lib/dnsmasq/dnsmasq.leases";
   };
 
-  systemd.services.https-dns-proxy = {
-    after = [ "network.target" ];
-    before = [ "nss-lookup.target" ];
-    wantedBy = [ "multi-user.target" ];
-
-    serviceConfig = {
-      Type = "simple";
-      ExecStart = "${pkgs.https-dns-proxy}/bin/https_dns_proxy -p 5353 -r https://dns.digitale-gesellschaft.ch/dns-query";
-      Restart = "on-failure";
-      TimeoutStopSec = "10";
-      DynamicUser = true;
-    };
-  };
-
   networking.firewall.allowedUDPPorts = [ 53 67 ];
   networking.firewall.allowedTCPPorts = [ 53 ];
 }