99f759de1c
This reverts commit 670b4e29adc16e0a29aa5b4c126703dcca56aeb6. The change added in this commit was controversial when it was originally suggested in https://github.com/NixOS/nixpkgs/pull/29205. Then that PR was closed and a new one opened, https://github.com/NixOS/nixpkgs/pull/29503, effectively circumventing the review process. I don't agree with this modification. Adding an option 'resolveLocalQueries' to tell the locally running name server that it should resolve local DNS queries feels outright nuts. I agree that the current state is unsatisfactory and that it should be improved, but this is not the right way. (cherry picked from commit 23a021d12e8f939cd0bfddb1c7adeb125028c1e3)
110 lines
2.5 KiB
Nix
110 lines
2.5 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.services.dnsmasq;
|
|
dnsmasq = pkgs.dnsmasq;
|
|
stateDir = "/var/lib/dnsmasq";
|
|
|
|
dnsmasqConf = pkgs.writeText "dnsmasq.conf" ''
|
|
dhcp-leasefile=${stateDir}/dnsmasq.leases
|
|
${optionalString cfg.resolveLocalQueries ''
|
|
conf-file=/etc/dnsmasq-conf.conf
|
|
resolv-file=/etc/dnsmasq-resolv.conf
|
|
''}
|
|
${flip concatMapStrings cfg.servers (server: ''
|
|
server=${server}
|
|
'')}
|
|
${cfg.extraConfig}
|
|
'';
|
|
|
|
in
|
|
|
|
{
|
|
|
|
###### interface
|
|
|
|
options = {
|
|
|
|
services.dnsmasq = {
|
|
|
|
enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = ''
|
|
Whether to run dnsmasq.
|
|
'';
|
|
};
|
|
|
|
resolveLocalQueries = mkOption {
|
|
type = types.bool;
|
|
default = true;
|
|
description = ''
|
|
Whether dnsmasq should resolve local queries (i.e. add 127.0.0.1 to
|
|
/etc/resolv.conf).
|
|
'';
|
|
};
|
|
|
|
servers = mkOption {
|
|
type = types.listOf types.str;
|
|
default = [];
|
|
example = [ "8.8.8.8" "8.8.4.4" ];
|
|
description = ''
|
|
The DNS servers which dnsmasq should query.
|
|
'';
|
|
};
|
|
|
|
extraConfig = mkOption {
|
|
type = types.lines;
|
|
default = "";
|
|
description = ''
|
|
Extra configuration directives that should be added to
|
|
<literal>dnsmasq.conf</literal>.
|
|
'';
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
###### implementation
|
|
|
|
config = mkIf config.services.dnsmasq.enable {
|
|
|
|
networking.nameservers =
|
|
optional cfg.resolveLocalQueries "127.0.0.1";
|
|
|
|
services.dbus.packages = [ dnsmasq ];
|
|
|
|
users.extraUsers = singleton {
|
|
name = "dnsmasq";
|
|
uid = config.ids.uids.dnsmasq;
|
|
description = "Dnsmasq daemon user";
|
|
};
|
|
|
|
systemd.services.dnsmasq = {
|
|
description = "Dnsmasq Daemon";
|
|
after = [ "network.target" "systemd-resolved.service" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
path = [ dnsmasq ];
|
|
preStart = ''
|
|
mkdir -m 755 -p ${stateDir}
|
|
touch ${stateDir}/dnsmasq.leases
|
|
chown -R dnsmasq ${stateDir}
|
|
touch /etc/dnsmasq-{conf,resolv}.conf
|
|
dnsmasq --test
|
|
'';
|
|
serviceConfig = {
|
|
Type = "dbus";
|
|
BusName = "uk.org.thekelleys.dnsmasq";
|
|
ExecStart = "${dnsmasq}/bin/dnsmasq -k --enable-dbus --user=dnsmasq -C ${dnsmasqConf}";
|
|
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
|
};
|
|
restartTriggers = [ config.environment.etc.hosts.source ];
|
|
};
|
|
|
|
};
|
|
|
|
}
|