fuuko: Use plain DNS again

DNS over HTTPS often is unreliable in practice (did not empirically test
this).
This commit is contained in:
Simon Bruder 2021-07-25 23:07:41 +02:00
parent e5d82f7087
commit a1facf530f
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC

View file

@ -19,8 +19,7 @@
dhcp-option=option:router,192.168.100.1
'';
servers = [
"127.0.0.1#5353"
"::1#5353"
"194.150.168.168" # dns.as250.net
];
};
@ -36,20 +35,6 @@
leasesPath = "/var/lib/dnsmasq/dnsmasq.leases";
};
systemd.services.https-dns-proxy = {
after = [ "network.target" ];
before = [ "nss-lookup.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.https-dns-proxy}/bin/https_dns_proxy -p 5353 -r https://dns.digitale-gesellschaft.ch/dns-query";
Restart = "on-failure";
TimeoutStopSec = "10";
DynamicUser = true;
};
};
networking.firewall.allowedUDPPorts = [ 53 67 ];
networking.firewall.allowedTCPPorts = [ 53 ];
}