diff options
Diffstat (limited to 'sys/ns/nsd.nix')
| -rw-r--r-- | sys/ns/nsd.nix | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/sys/ns/nsd.nix b/sys/ns/nsd.nix new file mode 100644 index 0000000..46ec1e6 --- /dev/null +++ b/sys/ns/nsd.nix @@ -0,0 +1,37 @@ +{ config, lib, ... }: +with lib; let + cfg = config.local.ns.server; +in +{ + options.local.ns.server = { + enable = mkEnableOption "nsd authoritative server"; + }; + + config = mkIf cfg.enable { + networking.firewall = + let + inherit (config.services.nsd) port; + in + { + allowedTCPPorts = [ port ]; + allowedUDPPorts = [ port ]; + }; + + services.nsd = { + enable = true; + + ipFreebind = true; + + bind8Stats = true; + statistics = 3600; + + tcpCount = 128; + tcpTimeout = 30; + tcpQueryCount = 128; + + zones = mapAttrs + (_: zone: { data = zone.content; }) + config.local.ns.zones; + }; + }; +} |