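# NixOS module for the NextDNS DNS/53 to DoH proxy. It declares
# `services.nextdns.enable` and `services.nextdns.arguments` and, when enabled,
# defines a systemd unit that runs `nextdns run` with those arguments.
{
  config,
  lib,
  pkgs,
  utils,
  ...
}:

let
  cfg = config.services.nextdns;
in
{
  options = {
    services.nextdns = {
      enable = lib.mkOption {
        type = lib.types.bool;
        default = false;
        description = "Whether to enable the NextDNS DNS/53 to DoH Proxy service.";
      };

      # Each element is interpolated into ExecStart below, so the values end up
      # in the generated unit file in the world-readable Nix store and on the
      # daemon's command line. Treat everything placed here as non-secret.
      arguments = lib.mkOption {
        type = lib.types.listOf lib.types.str;
        default = [ ];
        example = [
          "-config"
          "10.0.3.0/24=abcdef"
        ];
        description = "Additional arguments to be passed to nextdns run.";
      };
    };
  };

  # Upstream reference for the unit below:
  # https://github.com/nextdns/nextdns/blob/628ea509eaaccd27adb66337db03e5b56f6f38a8/host/service/systemd/service.go
  config = lib.mkIf cfg.enable {
    systemd.services.nextdns = {
      description = "NextDNS DNS/53 to DoH Proxy";
      environment = {
        SERVICE_RUN_MODE = "1";
      };
      startLimitIntervalSec = 5;
      startLimitBurst = 10;
      serviceConfig = {
        # systemd parses ExecStart itself (no shell) and expands `%` specifiers
        # and `$VAR` references in it. Shell quoting does not neutralise
        # those, so the arguments are quoted with the systemd-specific helper,
        # which also doubles `%` and `$` so they reach nextdns literally.
        ExecStart = "${pkgs.nextdns}/bin/nextdns run ${utils.escapeSystemdExecArgs cfg.arguments}";
        # NOTE(review): no Restart= is set in this block, so RestartSec only
        # takes effect if a restart policy is added elsewhere; confirm this is
        # the intended behaviour.
        RestartSec = 120;
        LimitMEMLOCK = "infinity";
        # NOTE(review): no User= or sandboxing directives are set here, so the
        # unit runs with systemd's defaults for a system service (root, no
        # sandbox) unless overridden. Consider tightening once the privileges
        # the daemon actually needs are confirmed.
      };
      after = [ "network.target" ];
      before = [ "nss-lookup.target" ];
      wants = [ "nss-lookup.target" ];
      wantedBy = [ "multi-user.target" ];
    };
  };
}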