shinobu/router: Use dns over https

For some reason, this makes DNS more reliable.
Simon Bruder 2023-09-20 22:11:24 +02:00
parent f1c70dce99
commit b10b83c207
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC


@ -207,7 +207,6 @@ in
wg-upstream = { wg-upstream = {
name = "wg-upstream"; name = "wg-upstream";
address = [ "10.66.208.88/32" "fc00:bbbb:bbbb:bb01::3:d057/128" ]; address = [ "10.66.208.88/32" "fc00:bbbb:bbbb:bb01::3:d057/128" ];
dns = [ "10.64.0.1" ];
routingPolicyRules = [ routingPolicyRules = [
{ {
routingPolicyRuleConfig = { routingPolicyRuleConfig = {
@ -313,9 +312,8 @@ in
# but from lan instead. # but from lan instead.
# So it has to use static configuration. # So it has to use static configuration.
host-record = "switchviech,switchviech.${domain},10.80.1.19"; host-record = "switchviech,switchviech.${domain},10.80.1.19";
server = config.systemd.network.networks.wg-upstream.dns ++ [ server = [
#"9.9.9.9" # dns.quad9.net "127.0.0.1#5053"
#"2620:fe::fe"
]; ];
}; };
}; };
@ -387,4 +385,13 @@ in
UMask = "0077"; UMask = "0077";
}; };
}; };
services.https-dns-proxy = {
enable = true;
provider = {
kind = "custom";
ips = [ "9.9.9.9" "149.112.112.112" ];
url = "https://dns.quad9.net/dns-query";
};
};
} }
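Review bot: The new dnsmasq upstream `"127.0.0.1#5053"` is hard-coded while the listener it points at is configured separately in the added `services.https-dns-proxy` block, so the two can drift apart silently; deriving it from the module's options, e.g. `"${config.services.https-dns-proxy.address}#${toString config.services.https-dns-proxy.port}"`, keeps them tied together. It is also now the only upstream, so every LAN lookup fails while the proxy is down; if that fail-closed behaviour is intended, a short comment above `server` saying so (and recording why DoH was chosen, which the commit message leaves open) would help the next reader. With `dns = [ "10.64.0.1" ]` removed from wg-upstream, resolution no longer goes to the in-tunnel resolver, and whether the proxy's HTTPS traffic to Quad9 leaves through wg-upstream or the plain uplink depends on the routing policy rules, which lie outside these hunks, so that path is worth confirming. The bootstrap `ips` list is IPv4-only although the removed comment listed `2620:fe::fe`.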