nixpkgs-suyu/nixos/modules/misc
Joachim Fasting 52f0553209 Add dnscrypt-proxy service
The dnscrypt-proxy service relays regular DNS queries to
a DNSCrypt enabled upstream resolver.
The traffic between the client and the upstream resolver is
encrypted and authenticated, which may mitigate the risk of
MITM attacks and third-party snooping (assuming a trustworthy
upstream).

Though dnscrypt-proxy can run as a standalone DNS client,
the recommended setup is to use it as a forwarder for a
caching DNS client.
To use dnscrypt-proxy as a forwarder for dnsmasq, do

```nix
{
  # ...

  networking.nameservers = [ "127.0.0.1" ];
  networking.dhcpcd.extraConfig = "nohook resolv.conf";

  services.dnscrypt-proxy.enable = true;
  services.dnscrypt-proxy.localAddress = "127.0.0.1";
  services.dnscrypt-proxy.port = 40;

  services.dnsmasq.enable = true;
  services.dnsmasq.extraConfig = ''
    no-resolv
    server=127.0.0.1#40
    listen-address=127.0.0.1
  '';

  # ...
}
```
2014-11-11 22:47:19 +01:00
..
assertions.nix nixos: evaluate assertions at toplevel, not at systemPackages 2014-04-22 14:09:02 -04:00
check-config.nix Rewrite ‘with pkgs.lib’ -> ‘with lib’ 2014-04-14 16:26:48 +02:00
crashdump.nix nixos/manual: Use literalExample when feasible. 2014-08-27 23:41:15 +02:00
ids.nix Add dnscrypt-proxy service 2014-11-11 22:47:19 +01:00
lib.nix Get all lib functions from lib, not pkgs.lib, in modules 2014-07-02 12:28:18 -04:00
locate.nix Quote paths from example & default attributes. 2014-08-28 08:36:55 +02:00
meta.nix NixOS: Add meta.maintainer option to modules. 2014-08-25 01:04:39 +02:00
nixpkgs.nix Manual: Don't include the platform type of the host system 2014-04-25 00:14:55 +02:00
passthru.nix Get all lib functions from lib, not pkgs.lib, in modules 2014-07-02 12:28:18 -04:00
version.nix Fixing evaluation of misc/version.nix 2014-04-23 14:14:54 +01:00