# Authoritative domain name server # Copyright (C) 2022 Nguyễn Gia Phong # # This file is part of loang configuration. # # Loang configuration is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published # by the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Loang configuration is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with loang configuration. If not, see . { ... }: { networking.firewall = { allowedTCPPorts = [ 53 ]; allowedUDPPorts = [ 53 ]; }; services.knot = { enable = true; extraConfig = '' server: listen: 0.0.0.0@53 listen: ::@53 log: - target: syslog any: info acl: - id: xarvos action: update update-owner: key key: xrvs.net template: - id: default storage: /var/lib/knot/zones file: %s dnssec-signing: on zone: - domain: cnx.gdn - domain: loang.net - domain: xrvs.net acl: xarvos ''; keyFiles = [ "/var/lib/knot/keys/update/xrvs.net" ]; }; }