Systemd/resolved: Difference between revisions
use nixos config module |
m Typo 'fallbackdns' should be 'fallbackDns'. (with capital D) |
||
| (3 intermediate revisions by 3 users not shown) | |||
| Line 12: | Line 12: | ||
= Configuration Example: Enforce secure DNS = | = Configuration Example: Enforce secure DNS = | ||
See also [[Encrypted DNS]]. | |||
The following configuration configures resolved daemon to use the public DNS resolver provided by [https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/ Cloudflare]. DNSSEC and DNS-over-TLS is enabled for authenticity and encryption. | The following configuration configures resolved daemon to use the public DNS resolver provided by [https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/ Cloudflare]. DNSSEC and DNS-over-TLS is enabled for authenticity and encryption. | ||
| Line 26: | Line 28: | ||
dnssec = "true"; | dnssec = "true"; | ||
domains = [ "~." ]; | domains = [ "~." ]; | ||
dnsovertls = "true"; | |||
fallbackDns = [ | fallbackDns = [ | ||
"1.1.1.1" | "1.1.1.1" | ||
"1.0.0.1" | "1.0.0.1" | ||
]; | ]; | ||
}; | }; | ||
</syntaxhighlight> | </syntaxhighlight> | ||