reidlab/nix-dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

dns

Browse source
This commit is contained in:
Reid 2026-06-09 10:11:09 -07:00
parent cae0bdfc96
commit 25927190ce
Signed by: reidlab
GPG key ID: DAF5EAF6665839FD
1 changed files with 34 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

49
modules/hardware/networking.nix
View file

@ -6,28 +6,47 @@ let
in { in {
options.modules.hardware.networking = { options.modules.hardware.networking = {
enable = mkEnableOption "Enable NetworkManager, a daemon for configuring network interfaces"; enable = mkEnableOption "Enable NetworkManager, a daemon for configuring network interfaces";
avoidRouterDns = mkEnableOption {
default = config.modules.core.laptop;
description = "Avoid using the router's DNS servers, useful on guest networks";
};
powersave = mkEnableOption { powersave = mkEnableOption {
default = config.modules.core.laptop; default = config.modules.core.laptop;
description = "Enable power saving options over Wi-Fi"; description = "Enable power saving options over Wi-Fi";
}; };
}; };
config = mkIf cfg.enable { config = mkMerge [
networking.networkmanager = { (mkIf cfg.enable {
enable = true; networking.networkmanager = {
dns = "systemd-resolved"; enable = true;
wifi.backend = "iwd"; dns = "systemd-resolved";
wifi.powersave = cfg.powersave; wifi.backend = "iwd";
}; wifi.powersave = cfg.powersave;
};
services.resolved.enable = true; services.resolved.enable = true;
services.resolved.settings.Resolve.DNSSEC = "allow-downgrade"; services.resolved.settings.Resolve.DNSSEC = "allow-downgrade";
services.resolved.settings.Resolve.DNSOverTLS = "opportunistic"; services.resolved.settings.Resolve.DNSOverTLS = "opportunistic";
networking.wireless.iwd.enable = true; networking.wireless.iwd.enable = true;
networking.wireless.iwd.settings.Settings.AutoConnect = true; networking.wireless.iwd.settings.Settings.AutoConnect = true;
# default startup time is Slowww # default startup time is Slowww
systemd.services.NetworkManager-wait-online.enable = false; systemd.services.NetworkManager-wait-online.enable = false;
}; })
(mkIf cfg.avoidRouterDns {
services.resolved.settings.Resolve.Domains = [ "~." ];
networking.nameservers = [
"1.1.1.1#cloudflare-dns.com"
"8.8.8.8#dns.google"
"1.0.0.1#cloudflare-dns.com"
"8.8.4.4#dns.google"
"2606:4700:4700::1111#cloudflare-dns.com"
"2001:4860:4860::8888#dns.google"
"2606:4700:4700::1001#cloudflare-dns.com"
"2001:4860:4860::8844#dns.google"
];
})
];
} }