From 5a26ebf03cb3a3a2f16b2dc182c65424554870ba Mon Sep 17 00:00:00 2001
From: Kenny Ballou <kb@devnulllabs.io>
Date: Fri, 23 Jul 2021 11:36:49 -0600
Subject: configure systemd-resolved with DoT

Disable networkmanager from writing `/etc/resolv.conf` and use
configured DNS servers with DNS over TLS.

Prune down list of nameservers as Level3 and OpenDNS do not currently
support DoT.

Signed-off-by: Kenny Ballou <kb@devnulllabs.io>
---
 services/networkmanager.nix | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

(limited to 'services/networkmanager.nix')

diff --git a/services/networkmanager.nix b/services/networkmanager.nix
index a12d271..b7e526d 100644
--- a/services/networkmanager.nix
+++ b/services/networkmanager.nix
@@ -2,14 +2,6 @@
 {
   networking.networkmanager = {
     enable = true;
-    # dnsmasq will handle this...
-    dns = "none";
-    appendNameservers = [
-      "1.1.1.1"
-      "1.0.0.1"
-      "9.9.9.9"
-      "208.67.222.222"
-      "208.67.220.220"
-    ];
+    dns = "systemd-resolved";
   };
 }
-- 
cgit v1.2.1