diff --git a/flake.lock b/flake.lock index 6b29af2..7e15d35 100644 --- a/flake.lock +++ b/flake.lock @@ -16,22 +16,6 @@ "type": "github" } }, - "blocklist": { - "flake": false, - "locked": { - "lastModified": 1772371087, - "narHash": "sha256-4exSkO2QcRy+yhQf2tV6jgO3noNNPvSeIad1YLxpazI=", - "owner": "StevenBlack", - "repo": "hosts", - "rev": "484d3c71b9433e08fa887297e25a3b53c0c6fd57", - "type": "github" - }, - "original": { - "owner": "StevenBlack", - "repo": "hosts", - "type": "github" - } - }, "comin": { "inputs": { "flake-compat": "flake-compat", @@ -309,7 +293,6 @@ "root": { "inputs": { "betterfox": "betterfox", - "blocklist": "blocklist", "comin": "comin", "disko": "disko", "dns": "dns", diff --git a/flake.nix b/flake.nix index f251142..83622ed 100644 --- a/flake.nix +++ b/flake.nix @@ -75,11 +75,6 @@ url = "github:iBigQ/radicale-birthday-calendar"; flake = false; }; - - blocklist = { - url = "github:StevenBlack/hosts"; - flake = false; - }; }; outputs = diff --git a/hosts/srv-core/default.nix b/hosts/srv-core/default.nix index 7645421..56e99e6 100644 --- a/hosts/srv-core/default.nix +++ b/hosts/srv-core/default.nix @@ -21,10 +21,7 @@ }; services = { - recursive-nameserver = { - enable = true; - blockAds = true; - }; + recursive-nameserver.enable = true; private-nameserver.enable = true; syncthing = { diff --git a/hosts/vps-ns/default.nix b/hosts/vps-ns/default.nix index 98d0660..701eb12 100644 --- a/hosts/vps-ns/default.nix +++ b/hosts/vps-ns/default.nix @@ -21,10 +21,7 @@ }; services = { - recursive-nameserver = { - enable = true; - blockAds = true; - }; + recursive-nameserver.enable = true; private-nameserver.enable = true; public-nameserver = { enable = true; diff --git a/modules/nixos/networking/underlay.nix b/modules/nixos/networking/underlay.nix index 94f7401..20f9efa 100644 --- a/modules/nixos/networking/underlay.nix +++ b/modules/nixos/networking/underlay.nix @@ -51,7 +51,6 @@ in matchConfig.Name = cfg.interface; linkConfig.RequiredForOnline = "routable"; networkConfig.DHCP = lib.mkIf cfg.useDhcp "yes"; - dhcpV4Config.UseDNS = lib.mkIf cfg.useDhcp false; address = lib.optional (cfg.cidr != null) cfg.cidr; routes = lib.optional (cfg.gateway != null) { Gateway = cfg.gateway; diff --git a/modules/nixos/services/nameservers/recursive.nix b/modules/nixos/services/nameservers/recursive.nix index 894c2e1..914e12b 100644 --- a/modules/nixos/services/nameservers/recursive.nix +++ b/modules/nixos/services/nameservers/recursive.nix @@ -1,7 +1,5 @@ { config, - inputs, - pkgs, lib, allHosts, ... @@ -10,16 +8,6 @@ let cfg = config.custom.services.recursive-nameserver; netCfg = config.custom.networking; - blocklist = - pkgs.runCommand "blocklist.conf" { } '' - echo "server:" > $out - cat ${inputs.blocklist}/hosts \ - | grep '^0.0.0.0 ' \ - | awk '$2 != "0.0.0.0" {print " local-zone: \"" $2 "\" refuse"}' \ - >> $out - '' - |> toString; - privateNameservers = allHosts |> lib.attrValues @@ -32,7 +20,6 @@ in type = lib.types.port; default = 53; }; - blockAds = lib.mkEnableOption ""; }; config = lib.mkIf cfg.enable ( @@ -41,13 +28,10 @@ in services = { unbound = { enable = true; - settings = { - server = { - interface = [ "${netCfg.overlay.address}@${toString cfg.port}" ]; - access-control = [ "${toString netCfg.overlay.networkCidr} allow" ]; - prefetch = true; - }; - include-toplevel = lib.mkIf cfg.blockAds blocklist; + settings.server = { + interface = [ "${netCfg.overlay.address}@${toString cfg.port}" ]; + access-control = [ "${toString netCfg.overlay.networkCidr} allow" ]; + prefetch = true; }; };