diff options
| author | KJ Ørbekk <kj@orbekk.com> | 2017-05-21 09:45:55 -0400 |
|---|---|---|
| committer | KJ Ørbekk <kj@orbekk.com> | 2017-05-21 09:45:55 -0400 |
| commit | b95ffd7a20cd5c8e8a4142bd8d2e279ef48e7d13 (patch) | |
| tree | eb313ea33ceadab7c27eba0e40be551da808bd39 | |
| parent | 339205e56168b33e6e1ddfc701ec5fa8000bdcea (diff) | |
dns: Configure transfers
| -rw-r--r-- | config/dns.nix | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/config/dns.nix b/config/dns.nix index dd0cf3d..535992d 100644 --- a/config/dns.nix +++ b/config/dns.nix @@ -6,6 +6,11 @@ let zone-files = pkgs.callPackage ../pkgs/zone-files/default.nix { }; in { + networking.firewall = { + allowedTCPPorts = [ 53 ]; + allowedUDPPorts = [ 53 ]; + }; + services.bind = { enable = true; extraConfig = '' @@ -17,6 +22,18 @@ in key-directory "/opt/secret/bind/${zone}"; update-policy local; allow-query { any; }; + allow-transfer { + ::1; + 193.35.52.61; // trygve transfer + 2a00:1b60:1011::6def:e868; // ns1 + 2001:67c:29f4::61; // ns2 + 2604:2000:12c1:c0c6::1000; // sabaki + }; + also-notify { + 193.35.52.61; // trygve transfer + 2a00:1b60:1011::6def:e868; // ns1 + 2001:67c:29f4::61; // ns2 + }; }; '') masterZones} ''; |