]> Git — Sourcephile - sourcephile-nix.git/blob - servers/mermet/nsd.nix
direnv: fix broken dump with new direnv_load
[sourcephile-nix.git] / servers / mermet / nsd.nix
1 {pkgs, lib, config, ...}:
2 let
3 inherit (config) networking;
4 inherit (config.services) nsd;
5 in
6 {
7 imports = [
8 nsd/sourcephile.fr.nix
9 nsd/autogeree.net.nix
10 ];
11 config = {
12 environment.systemPackages = [
13 (pkgs.bind.override { enablePython = true; })
14 ];
15 services.nsd = {
16 enable = true;
17 ipv4 = true;
18 ipv6 = true;
19 verbosity = 5;
20 #zones = {};
21 /*
22 interfaces = lib.unique [
23 #(builtins.elemAt networking.interfaces."${networking.defaultGateway.interface}".ipv4.addresses 0).address
24 #networking.privateIPv4
25 ];
26 */
27 # SEE: http://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/
28 ratelimit.enable = true;
29 # 100 less than the default to preserve a few Mio of RAM
30 ratelimit.size = 10000;
31 ratelimit.ratelimit = 200;
32 extraConfig = ''
33 '';
34 };
35 };
36 }