Systemd/resolved: Difference between revisions
mNo edit summary |
→Configuration: Cleanup |
||
| Line 7: | Line 7: | ||
The following configuration configures resolved daemon to use the public DNS resolver provided by [https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/ Cloudflare]. DNSSEC and DNS-over-TLS is enabled for authenticity and encryption. | The following configuration configures resolved daemon to use the public DNS resolver provided by [https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/ Cloudflare]. DNSSEC and DNS-over-TLS is enabled for authenticity and encryption. | ||
< | <syntaxhighlight lang="nix"> | ||
services.resolved = { | services.resolved = { | ||
enable = true; | enable = true; | ||
| Line 18: | Line 13: | ||
domains = [ "~." ]; | domains = [ "~." ]; | ||
fallbackDns = [ | fallbackDns = [ | ||
"1.1.1.1 | "1.1.1.1" | ||
"1.0.0.1 | "1.0.0.1" | ||
]; | ]; | ||
dnsovertls = "true"; | dnsovertls = "true"; | ||
}; | }; | ||
</ | </syntaxhighlight> | ||
[[Category:systemd]] | [[Category:systemd]] | ||
[[Category:Networking]] | [[Category:Networking]] | ||
Revision as of 12:30, 13 May 2024
systemd-resolved is a systemd service that provides network name resolution to local applications via a D-Bus interface, the resolve NSS service (nss-resolve(8)), and a local DNS stub listener on 127.0.0.53. See systemd-resolved(8) for the usage.
Configuration
The following configuration configures resolved daemon to use the public DNS resolver provided by Cloudflare. DNSSEC and DNS-over-TLS is enabled for authenticity and encryption.
services.resolved = {
enable = true;
dnssec = "true";
domains = [ "~." ];
fallbackDns = [
"1.1.1.1"
"1.0.0.1"
];
dnsovertls = "true";
};