27 lines
582 B
Nix
27 lines
582 B
Nix
{lib, ...}: {
|
|
networking = {
|
|
useNetworkd = true;
|
|
dhcpcd.enable = false;
|
|
# allow mdns port
|
|
firewall.allowedUDPPorts = [5353];
|
|
};
|
|
systemd.network = {
|
|
enable = true;
|
|
wait-online.anyInterface = true;
|
|
};
|
|
system.nssDatabases.hosts = lib.mkMerge [
|
|
(lib.mkBefore ["mdns_minimal [NOTFOUND=return]"])
|
|
(lib.mkAfter ["mdns"])
|
|
];
|
|
services.resolved = {
|
|
enable = true;
|
|
# man I whish dnssec would be viable to use
|
|
dnssec = "allow-downgrade";
|
|
llmnr = "false";
|
|
extraConfig = ''
|
|
Domains=~.
|
|
MulticastDNS=true
|
|
'';
|
|
};
|
|
}
|