From c7b7efb30112ce492569f8ddea591f14a5040f57 Mon Sep 17 00:00:00 2001
From: "quentin@aristote.fr" <quentin@aristote.fr>
Date: Mon, 26 Jun 2023 22:01:08 +0200
Subject: networking: detach enp3s0 from wan

---
 config/networking/services/dns.nix | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

(limited to 'config/networking/services/dns.nix')

diff --git a/config/networking/services/dns.nix b/config/networking/services/dns.nix
index cce2f17..9e70958 100644
--- a/config/networking/services/dns.nix
+++ b/config/networking/services/dns.nix
@@ -7,18 +7,21 @@ in {
     settings = {
       server = {
         module-config = ''"respip validator iterator"'';
-        interface =
-          [ "127.0.0.1" "${nets.wan.subnet}.1" "${nets.iot.subnet}.1" ];
+        interface = [
+          "127.0.0.1"
+          "${nets.wan.subnet}.1"
+          "${nets.iot.subnet}.1"
+          "${nets.eth0.subnet}.1"
+        ];
         access-control = [
           "0.0.0.0/0 refuse"
           "127.0.0.0/8 allow"
           "${nets.wan.subnet}.0/24 allow"
           "${nets.iot.subnet}.0/24 allow"
+          "${nets.eth0.subnet}.0/24 allow"
         ];
       };
-      rpz = {
-        name = "rpz.oisd.nl";
-      };
+      rpz = { name = "rpz.oisd.nl"; };
     };
   };
 }
-- 
cgit v1.2.3