diff options
| author | Matt Christ <matt@christ.systems> | 2022-01-01 08:33:51 -0600 |
|---|---|---|
| committer | Matt Christ <matt@christ.systems> | 2022-01-01 08:33:51 -0600 |
| commit | c355b2729c01c4ea35a430dd6dfea9ae3848f816 (patch) | |
| tree | bc7f2e70cd0b7943fe8e8eaa767c9bf4bed413c9 /nixos | |
| parent | df2c21de512180f349fde25d938185cfbd02b2e6 (diff) | |
| download | nixlib-c355b2729c01c4ea35a430dd6dfea9ae3848f816.tar nixlib-c355b2729c01c4ea35a430dd6dfea9ae3848f816.tar.gz nixlib-c355b2729c01c4ea35a430dd6dfea9ae3848f816.tar.bz2 nixlib-c355b2729c01c4ea35a430dd6dfea9ae3848f816.tar.lz nixlib-c355b2729c01c4ea35a430dd6dfea9ae3848f816.tar.xz nixlib-c355b2729c01c4ea35a430dd6dfea9ae3848f816.tar.zst nixlib-c355b2729c01c4ea35a430dd6dfea9ae3848f816.zip | |
nixos/bind: configurable "forward" setting
Sometimes it is preferable to configure forwarding only for bind instead of relying on direct lookups. This patch makes it possible to configure the forward setting to either "first" (the default) or "only".
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/networking/bind.nix | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/bind.nix b/nixos/modules/services/networking/bind.nix index e44f8d4cf302..2045612ec054 100644 --- a/nixos/modules/services/networking/bind.nix +++ b/nixos/modules/services/networking/bind.nix @@ -59,7 +59,7 @@ let listen-on-v6 { ${concatMapStrings (entry: " ${entry}; ") cfg.listenOnIpv6} }; allow-query { cachenetworks; }; blackhole { badnetworks; }; - forward first; + forward ${cfg.forward}; forwarders { ${concatMapStrings (entry: " ${entry}; ") cfg.forwarders} }; directory "${cfg.directory}"; pid-file "/run/named/named.pid"; @@ -151,6 +151,14 @@ in "; }; + forward = mkOption { + default = "first"; + type = types.enum ["first" "only"]; + description = " + Whether to forward 'first' (try forwarding but lookup directly if forwarding fails) or 'only'. + "; + }; + listenOn = mkOption { default = [ "any" ]; type = types.listOf types.str; |