From cf70c86d072cab7b7cc5da2d023a58b12ccb9854 Mon Sep 17 00:00:00 2001
From: Philip Nelson
Date: Fri, 1 May 2020 18:49:22 -0700
Subject: [PATCH 1/2] nextdns: init at 1.7.0 1.7.0
---
 .../networking/nextdns/default.nix | 24 +++++++++++++++++++
 pkgs/top-level/all-packages.nix | 2 ++
 2 files changed, 26 insertions(+)
 create mode 100644 pkgs/applications/networking/nextdns/default.nix
diff --git a/pkgs/applications/networking/nextdns/default.nix b/pkgs/applications/networking/nextdns/default.nix
new file mode 100644
index 00000000000..40ca27c70b0
--- /dev/null
+++ b/pkgs/applications/networking/nextdns/default.nix
@@ -0,0 +1,24 @@
+{ buildGoModule, fetchFromGitHub, lib }:
+
+buildGoModule rec {
+ pname = "nextdns";
+ version = "1.7.0";
+
+ src = fetchFromGitHub {
+ owner = "nextdns";
+ repo = "nextdns";
+ rev = "v${version}";
+ sha256 = "15xw8d6b9rv0lalzfllixm8n89clz9j8ag1gk4r16k7yv5l6xrpd";
+ };
+
+ vendorSha256 = "09whpzsn16znyrknfm5zlhla253r69j6d751czza4c83m4r36swj";
+
+ buildFlagsArray = [ "-ldflags=-s -w -X main.version=${version}" ];
+
+ meta = with lib; {
+ description = "NextDNS DNS/53 to DoH Proxy";
+ homepage = "https://nextdns.io";
+ license = licenses.mit;
+ maintainers = with maintainers; [ pnelson ];
+ };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 4d88c63bcfb..5b1c7f9fb85 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -2102,6 +2102,8 @@ in mq-cli = callPackage ../tools/system/mq-cli { }; + nextdns = callPackage ../applications/networking/nextdns { }; + nfdump = callPackage ../tools/networking/nfdump { }; nfstrace = callPackage ../tools/networking/nfstrace { };
From 81034b583c445765ae1b3d01a8d017967fc36129 Mon Sep 17 00:00:00 2001
From: Philip Nelson
Date: Fri, 1 May 2020 18:49:46 -0700
Subject: [PATCH 2/2] nixos/nextdns: init
---
 nixos/modules/module-list.nix | 1 +
 nixos/modules/services/networking/nextdns.nix | 44 +++++++++++++++++++
 2 files changed, 45 insertions(+)
 create mode 100644 nixos/modules/services/networking/nextdns.nix
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 0dba92f60c7..d562dce3b1b 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -668,6 +668,7 @@
 ./services/networking/nat.nix
 ./services/networking/ndppd.nix
 ./services/networking/networkmanager.nix
+ ./services/networking/nextdns.nix
 ./services/networking/nftables.nix
 ./services/networking/ngircd.nix
 ./services/networking/nghttpx/default.nix
diff --git a/nixos/modules/services/networking/nextdns.nix b/nixos/modules/services/networking/nextdns.nix
new file mode 100644
index 00000000000..a633bff62ec
--- /dev/null
+++ b/nixos/modules/services/networking/nextdns.nix
@@ -0,0 +1,44 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.nextdns;
+in {
+ options = {
+ services.nextdns = {
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = "Whether to enable the NextDNS DNS/53 to DoH Proxy service.";
+ };
+ arguments = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ example = [ "-config" "10.0.3.0/24=abcdef" ];
+ description = "Additional arguments to be passed to nextdns run.";
+ };
+ };
+ };
+
+ # https://github.com/nextdns/nextdns/blob/628ea509eaaccd27adb66337db03e5b56f6f38a8/host/service/systemd/service.go
+ config = mkIf cfg.enable {
+ systemd.services.nextdns = {
+ description = "NextDNS DNS/53 to DoH Proxy";
+ environment = {
+ SERVICE_RUN_MODE = "1";
+ };
+ serviceConfig = {
+ StartLimitInterval = 5;
+ StartLimitBurst = 10;
+ ExecStart = "${pkgs.nextdns}/bin/nextdns run ${escapeShellArgs config.services.nextdns.arguments}";
+ RestartSec = 120;
+ LimitMEMLOCK = "infinity";
+ };
+ after = [ "network.target" ];
+ before = [ "nss-lookup.target" ];
+ wants = [ "nss-lookup.target" ];
+ wantedBy = [ "multi-user.target" ];
+ };
+ };
+}
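Review bot: The `serviceConfig` block sets no `User`/`DynamicUser` and no sandboxing options, so this network-facing DNS proxy runs as root with every capability, and `LimitMEMLOCK = "infinity"` comes on top of that. If `nextdns run` only needs to bind port 53, `DynamicUser = true;` together with `AmbientCapabilities = "CAP_NET_BIND_SERVICE";` would limit what a parsing bug in the daemon can reach; whether it needs more (for example to rewrite the host's resolver configuration) is not visible in this hunk and should be checked before adopting it. Separately, `RestartSec = 120` is inert because no `Restart=` is set and systemd defaults to `Restart=no`, so a crash leaves the host without its resolver until someone intervenes; `Restart = "on-failure";` is probably what was intended. The `arguments` list also ends up in the unit file inside the world-readable Nix store, which deserves a sentence in the option's `description`, since the example passes a configuration ID.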