Systemd/resolved: Difference between revisions
mNo edit summary |
No edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 7: | Line 7: | ||
The following configuration configures resolved daemon to use the public DNS resolver provided by [https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/ Cloudflare]. DNSSEC and DNS-over-TLS is enabled for authenticity and encryption. | The following configuration configures resolved daemon to use the public DNS resolver provided by [https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/ Cloudflare]. DNSSEC and DNS-over-TLS is enabled for authenticity and encryption. | ||
< | <syntaxhighlight lang="nix"> | ||
networking.nameservers = [ | networking.nameservers = [ | ||
"1.1.1.1 | "1.1.1.1" | ||
"1.0.0.1 | "1.0.0.1" | ||
]; | ]; | ||
| Line 18: | Line 18: | ||
domains = [ "~." ]; | domains = [ "~." ]; | ||
fallbackDns = [ | fallbackDns = [ | ||
"1.1.1.1 | "1.1.1.1" | ||
"1.0.0.1 | "1.0.0.1" | ||
]; | ]; | ||
dnsovertls = "true"; | dnsovertls = "true"; | ||
}; | }; | ||
</ | </syntaxhighlight> | ||
[[Category:systemd]] | [[Category:systemd]] | ||
[[Category:Networking]] | [[Category:Networking]] | ||
Latest revision as of 18:53, 14 May 2024
systemd-resolved is a systemd service that provides network name resolution to local applications via a D-Bus interface, the resolve NSS service (nss-resolve(8)), and a local DNS stub listener on 127.0.0.53. See systemd-resolved(8) for the usage.
Configuration
The following configuration configures resolved daemon to use the public DNS resolver provided by Cloudflare. DNSSEC and DNS-over-TLS is enabled for authenticity and encryption.
networking.nameservers = [
"1.1.1.1"
"1.0.0.1"
];
services.resolved = {
enable = true;
dnssec = "true";
domains = [ "~." ];
fallbackDns = [
"1.1.1.1"
"1.0.0.1"
];
dnsovertls = "true";
};