From 5f8b5c04b334c7dce13830361fac936a8cc0c0a7 Mon Sep 17 00:00:00 2001
From: SebastianStork
Date: Tue, 17 Mar 2026 18:04:34 +0100
Subject: [PATCH] networking/overlay: Use blocking-nameservers as default nameservers
---
 modules/nixos/networking/overlay.nix | 27 +++++++++++++++++++--------
 tests/overlay/default.nix | 2 +-
 2 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/modules/nixos/networking/overlay.nix b/modules/nixos/networking/overlay.nix
index 007e012..d2166a6 100644
--- a/modules/nixos/networking/overlay.nix
+++ b/modules/nixos/networking/overlay.nix
@@ -6,6 +6,24 @@
 }:
 let
 cfg = config.custom.networking.overlay;
+
+ blocking-nameservers =
+ allHosts
+ |> lib.attrValues
+ |> lib.filter (host: host.config.custom.services.blocking-nameserver.enable)
+ |> lib.map (
+ host:
+ "${host.config.custom.networking.overlay.address}:${toString host.config.custom.services.blocking-nameserver.port}"
+ );
+
+ recursive-nameservers =
+ allHosts
+ |> lib.attrValues
+ |> lib.filter (host: host.config.custom.services.recursive-nameserver.enable)
+ |> lib.map (
+ host:
+ "${host.config.custom.networking.overlay.address}:${toString host.config.custom.services.recursive-nameserver.port}"
+ );
 in
 {
 options.custom.networking.overlay = {
@@ -60,14 +78,7 @@ in
 dnsServers = lib.mkOption {
 type = lib.types.listOf lib.types.nonEmptyStr;
- default =
- allHosts
- |> lib.attrValues
- |> lib.filter (host: host.config.custom.services.recursive-nameserver.enable)
- |> lib.map (
- host:
- "${host.config.custom.networking.overlay.address}:${toString host.config.custom.services.recursive-nameserver.port}"
- );
+ default = if (blocking-nameservers != [ ]) then blocking-nameservers else recursive-nameservers;
 };
 implementation = lib.mkOption {
diff --git a/tests/overlay/default.nix b/tests/overlay/default.nix
index 5d91468..a7ff7e3 100644
--- a/tests/overlay/default.nix
+++ b/tests/overlay/default.nix
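Review bot: In the first overlay.nix hunk, `blocking-nameservers` and `recursive-nameservers` are the same pipeline with only the service name changed, so a later fix to one list (for example to how address and port are joined) can miss the other. A single helper in the `let` block that takes the service name would keep the filtered and unfiltered resolver lists built the same way. The module's argument set starts above the hunk, so `allHosts` and `lib` are assumed to be bound there, as the added lines already require.

```nix
cfg = config.custom.networking.overlay;

# One builder for both resolver lists, keyed by the service's attribute name.
nameserversFor =
  service:
  allHosts
  |> lib.attrValues
  |> lib.filter (host: host.config.custom.services.${service}.enable)
  |> lib.map (
    host:
    "${host.config.custom.networking.overlay.address}:${toString host.config.custom.services.${service}.port}"
  );

blocking-nameservers = nameserversFor "blocking-nameserver";
recursive-nameservers = nameserversFor "recursive-nameserver";
```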
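Review bot: The new `dnsServers` default in the second overlay.nix hunk fails open: when no host enables `blocking-nameserver`, every overlay client silently gets the unfiltered recursive resolvers, and nothing on the line says the either/or choice is deliberate. If it is, a comment would stop a later change from concatenating the two lists, which could let clients receive unfiltered answers from the recursive entries: `# Blocking resolvers only when any exist; never mix in recursive ones, or the blocklist can be bypassed.` The option also has no `description`, and because the default is computed from `allHosts`, a `defaultText` would keep generated option docs readable if this repo builds them. The `options` attribute set continues past both ends of the hunk.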
@@ -105,7 +105,7 @@
 client2.wait_for_unit("${client2NetCfg.overlay.systemdUnit}")
 lighthouse.wait_for_unit("unbound.service")
- lighthouse.wait_for_open_port(53, "${lighthouseNetCfg.overlay.address}")
+ lighthouse.wait_for_open_port(${toString nodes.lighthouse.custom.services.recursive-nameserver.port}, "${lighthouseNetCfg.overlay.address}")
 server.wait_for_unit("sshd.service")
 client2.wait_for_unit("sshd.service")
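Review bot: This hunk only swaps the hard-coded `53` for the configured recursive-nameserver port, so the preference for blocking nameservers that the commit introduces looks untested. The node definitions are outside the hunk; if none of them enables `blocking-nameserver`, only the fallback branch of the new default is exercised. Consider enabling it on one node and adding a matching wait such as `lighthouse.wait_for_open_port(${toString nodes.lighthouse.custom.services.blocking-nameserver.port}, "${lighthouseNetCfg.overlay.address}")`, plus a check that a client's `dnsServers` points at that address and port. The test script starts and ends outside the hunk.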