···
# /var/lib/misc is for dnsmasq.leases.
stateDirs = "/var/lib/NetworkManager /var/lib/dhclient /var/lib/misc";
13
-
if cfg.dns == "none" then "none"
14
-
else if cfg.dns == "dnsmasq" then "dnsmasq"
15
-
else if config.services.resolved.enable then "systemd-resolved"
16
-
else if config.services.unbound.enable then "unbound"
configFile = writeText "NetworkManager.conf" ''
${optionalString (cfg.unmanaged != [])
···
220
-
type = types.enum [ "auto" "dnsmasq" "none" ];
213
+
type = types.enum [ "default" "dnsmasq" "unbound" "systemd-resolved" "none" ];
214
+
default = "default";
216
+
Set the DNS (<literal>resolv.conf</literal>) processing mode.
224
-
- auto: Check for systemd-resolved, unbound, or use default.
226
-
Enable NetworkManager's dnsmasq integration. NetworkManager will run
227
-
dnsmasq as a local caching nameserver, using a "split DNS"
228
-
configuration if you are connected to a VPN, and then update
229
-
resolv.conf to point to the local nameserver.
231
-
Disable NetworkManager's DNS integration completely.
232
-
It will not touch your /etc/resolv.conf.
222
+
<term><literal>"default"</literal></term>
224
+
NetworkManager will update <literal>/etc/resolv.conf</literal> to
225
+
reflect the nameservers provided by currently active connections.
229
+
<term><literal>"dnsmasq"</literal></term>
232
+
Enable NetworkManager's dnsmasq integration. NetworkManager will
233
+
run dnsmasq as a local caching nameserver, using a "split DNS"
234
+
configuration if you are connected to a VPN, and then update
235
+
<literal>resolv.conf</literal> to point to the local nameserver.
238
+
It is possible to pass custom options to the dnsmasq instance by
239
+
adding them to files in the
240
+
<literal>/etc/NetworkManager/dnsmasq.d/</literal> directory.
243
+
When multiple upstream servers are available, dnsmasq will
244
+
initially contact them in parallel and then use the fastest to
245
+
respond, probing again other servers after some time. This
246
+
behavior can be modified passing the
247
+
<literal>all-servers</literal> or <literal>strict-order</literal>
248
+
options to dnsmasq (see the manual page for more details).
251
+
Note that this option causes NetworkManager to launch and manage
252
+
its own instance of the dnsmasq daemon, which is
253
+
<emphasis>not</emphasis> the same as setting
254
+
<literal>services.dnsmasq.enable = true;</literal>.
259
+
<term><literal>"unbound"</literal></term>
261
+
NetworkManager will talk to unbound and dnssec-triggerd,
262
+
providing a "split DNS" configuration with DNSSEC support.
263
+
<literal>/etc/resolv.conf</literal> will be managed by
264
+
dnssec-trigger daemon.
268
+
<term><literal>"systemd-resolved"</literal></term>
270
+
NetworkManager will push the DNS configuration to systemd-resolved.
274
+
<term><literal>"none"</literal></term>
276
+
NetworkManager will not modify resolv.conf.
pyrox.dev