modules/nixos/base/networking.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

{ config, lib, ... }:
let
  cfg = config.base.networking;
  enable = config.base.enable && cfg.enable;
in
{
  options.base.networking = {
    enable = lib.mkEnableOption "base network settings" // {
      default = true;
    };
  };

  config = lib.mkIf enable {
    networking.networkmanager = {
      enable = lib.mkDefault true;
      dns = "systemd-resolved";
    };

    services = {
      resolved = {
        enable = lib.mkDefault true;
        dnssec = "allow-downgrade";
        extraConfig = lib.mkDefault ''
          [Resolve]
          DNS=1.1.1.1 1.0.0.1
          DNSOverTLS=yes
        '';
      };
    };
  };
}