nixos/bind: configurable "forward" setting

Sometimes it is preferable to configure forwarding only for bind
instead of relying on direct lookups.

This patch makes it possible to configure the forward setting to
either "first" (the default) or "only".
This commit is contained in:
Matt Christ 2022-01-01 08:33:51 -06:00
parent df2c21de51
commit c355b2729c

View file

@ -59,7 +59,7 @@ let
listen-on-v6 { ${concatMapStrings (entry: " ${entry}; ") cfg.listenOnIpv6} }; listen-on-v6 { ${concatMapStrings (entry: " ${entry}; ") cfg.listenOnIpv6} };
allow-query { cachenetworks; }; allow-query { cachenetworks; };
blackhole { badnetworks; }; blackhole { badnetworks; };
forward first; forward ${cfg.forward};
forwarders { ${concatMapStrings (entry: " ${entry}; ") cfg.forwarders} }; forwarders { ${concatMapStrings (entry: " ${entry}; ") cfg.forwarders} };
directory "${cfg.directory}"; directory "${cfg.directory}";
pid-file "/run/named/named.pid"; pid-file "/run/named/named.pid";
@ -151,6 +151,14 @@ in
"; ";
}; };
forward = mkOption {
default = "first";
type = types.enum ["first" "only"];
description = "
Whether to forward 'first' (try forwarding but lookup directly if forwarding fails) or 'only'.
";
};
listenOn = mkOption { listenOn = mkOption {
default = [ "any" ]; default = [ "any" ];
type = types.listOf types.str; type = types.listOf types.str;