Skip to content

Dnsdist

services.dnsdist.dnscrypt.certLifetime

The lifetime (in minutes) of the resolver certificate. This will be automatically rotated before expiration.

Type: positive integer, meaning >0

Default

15

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/dnsdist.nix

services.dnsdist.dnscrypt.enable

Whether to enable a DNSCrypt endpoint to dnsdist. Type: boolean

Default

false

Example

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/dnsdist.nix

services.dnsdist.dnscrypt.listenAddress

Listen IP address of the endpoint Type: string

Default

"0.0.0.0"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/dnsdist.nix

services.dnsdist.dnscrypt.listenPort

Listen port of the endpoint Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default

443

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/dnsdist.nix

services.dnsdist.dnscrypt.providerKey

The filepath to the provider secret key. If not given a new provider key pair will be generated in /var/lib/dnsdist on the first run.

::: {.note} The file must be readable by the dnsdist user/group. :::

Type: null or path

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/dnsdist.nix

services.dnsdist.dnscrypt.providerName

The name that will be given to this DNSCrypt resolver.

::: {.note} The provider name must start with 2.dnscrypt-cert.. :::

Type: string

Default

2.dnscrypt-cert.${config.networking.hostName}

Example

"2.dnscrypt-cert.myresolver"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/dnsdist.nix

services.dnsdist.enable

Whether to enable dnsdist domain name server. Type: boolean

Default

false

Example

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/dnsdist.nix

services.dnsdist.extraConfig

Extra lines to be added verbatim to dnsdist.conf.

Type: strings concatenated with "\n"

Default

""

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/dnsdist.nix

services.dnsdist.listenAddress

Listen IP address Type: string

Default

"0.0.0.0"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/dnsdist.nix

services.dnsdist.listenPort

Listen port Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default

53

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/dnsdist.nix