From 704c91ff20a34e09d76ecb5bf0592edb2c4d1a30 Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Mon, 16 Dec 2024 21:34:44 +0100 Subject: [PATCH] undo the tls dns stuff it's clearly not working --- nixos/hosts/wheatley/configuration.nix | 106 +++++++++++++------------ 1 file changed, 55 insertions(+), 51 deletions(-) diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix index d19ff26..ae477f8 100644 --- a/nixos/hosts/wheatley/configuration.nix +++ b/nixos/hosts/wheatley/configuration.nix @@ -62,59 +62,63 @@ # Configure DNS servers manually (this example uses Cloudflare and Google DNS) # IPv6 DNS servers can be used here as well. networking.nameservers = [ - "127.0.0.1" - "::1" + # "127.0.0.1" + # "::1" + "94.140.14.49" + "94.140.14.59" + "2a10:50c0:0:0:0:0:ded:ff" + "2a10:50c0:0:0:0:0:ded:ff" ]; - services.stubby = { - enable = true; - settings = - pkgs.stubby.passthru.settingsExample - // { - upstream_recursive_servers = [ - { - address_data = "94.140.14.49"; - tls_auth_name = "4b921896.d.adguard-dns.com"; - tls_pubkey_pinset = [ - { - digest = "sha256"; - value = "19HOzAWb2bgl7bo/b4Soag+5luf7bo6vlDN8W812k4U="; - } - ]; - } - { - address_data = "94.140.14.59"; - tls_auth_name = "4b921896.d.adguard-dns.com"; - tls_pubkey_pinset = [ - { - digest = "sha256"; - value = "19HOzAWb2bgl7bo/b4Soag+5luf7bo6vlDN8W812k4U="; - } - ]; - } - { - address_data = "2a10:50c0:0:0:0:0:ded:ff"; - tls_auth_name = "4b921896.d.adguard-dns.com"; - tls_pubkey_pinset = [ - { - digest = "sha256"; - value = "19HOzAWb2bgl7bo/b4Soag+5luf7bo6vlDN8W812k4U="; - } - ]; - } - { - address_data = "2a10:50c0:0:0:0:0:dad:ff"; - tls_auth_name = "4b921896.d.adguard-dns.com"; - tls_pubkey_pinset = [ - { - digest = "sha256"; - value = "19HOzAWb2bgl7bo/b4Soag+5luf7bo6vlDN8W812k4U="; - } - ]; - } - ]; - }; - }; + # services.stubby = { + # enable = true; + # settings = + # pkgs.stubby.passthru.settingsExample + # // { + # upstream_recursive_servers = [ + # { + # address_data = "94.140.14.49"; + # tls_auth_name = "4b921896.d.adguard-dns.com"; + # tls_pubkey_pinset = [ + # { + # digest = "sha256"; + # value = "19HOzAWb2bgl7bo/b4Soag+5luf7bo6vlDN8W812k4U="; + # } + # ]; + # } + # { + # address_data = "94.140.14.59"; + # tls_auth_name = "4b921896.d.adguard-dns.com"; + # tls_pubkey_pinset = [ + # { + # digest = "sha256"; + # value = "19HOzAWb2bgl7bo/b4Soag+5luf7bo6vlDN8W812k4U="; + # } + # ]; + # } + # { + # address_data = "2a10:50c0:0:0:0:0:ded:ff"; + # tls_auth_name = "4b921896.d.adguard-dns.com"; + # tls_pubkey_pinset = [ + # { + # digest = "sha256"; + # value = "19HOzAWb2bgl7bo/b4Soag+5luf7bo6vlDN8W812k4U="; + # } + # ]; + # } + # { + # address_data = "2a10:50c0:0:0:0:0:dad:ff"; + # tls_auth_name = "4b921896.d.adguard-dns.com"; + # tls_pubkey_pinset = [ + # { + # digest = "sha256"; + # value = "19HOzAWb2bgl7bo/b4Soag+5luf7bo6vlDN8W812k4U="; + # } + # ]; + # } + # ]; + # }; + # }; services.openssh = { enable = true;