Systemd/resolved: Difference between revisions
imported>Vater mNo edit summary |
imported>Onny Update option without requiring extraConfig |
||
| Line 14: | Line 14: | ||
domains = [ "~." ]; | domains = [ "~." ]; | ||
fallbackDns = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ]; | fallbackDns = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ]; | ||
dnsovertls = "true"; | |||
}; | }; | ||
</syntaxHighlight> | </syntaxHighlight> | ||
Revision as of 16:20, 28 February 2024
systemd-resolved is a systemd service that provides network name resolution to local applications via a D-Bus interface, the resolve NSS service (nss-resolve(8)), and a local DNS stub listener on 127.0.0.53. See systemd-resolved(8) for the usage.
Configuration
The following configuration configures resolved daemon to use the public DNS resolver provided by Cloudflare. DNSSEC and DNS-over-TLS is enabled for authenticity and encryption.
networking.nameservers = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ];
services.resolved = {
enable = true;
dnssec = "true";
domains = [ "~." ];
fallbackDns = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ];
dnsovertls = "true";
};