lab-infra/machines/labcore01/unbound.nix
sinavir 3915b492c4 feat(labcore01): init
Lab's core infra vm, doing only dns64 for now.
2024-11-07 01:10:24 +01:00

20 lines
433 B
Nix

{
services.unbound = {
enable = true;
settings = {
server = {
verbosity = 5;
interface = [ "2a0e:e701:1120:1000::f:1" ];
access-control = [ "2a0e:e701:1120::/48 allow" ];
dns64-prefix = "64:ff9b::/96";
do-nat64 = "yes";
module-config = "\"dns64 validator iterator\"";
};
};
};
networking = {
firewall = {
allowedUDPPorts = [ 53 ];
};
};
}