movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 21:50:33 +03:00
Code Activity

nixos: add option for bind to not resolve local queries (#29503)

Browse source 
When the user specifies the networking.nameservers setting in the
configuration file, it must take precedence over automatically
derived settings.

The culprit was services.bind that made the resolver set to
127.0.0.1 and ignore the nameserver setting.

This patch adds a flag to services.bind to override the nameserver
to localhost. It defaults to true. Setting this to false prevents the
service.bind and dnsmasq.resolveLocalQueries settings from
overriding the users' settings.

Also, when the user specifies a domain to search, it must be set in
the resolver configuration, even if the user does not specify any
nameservers.

(cherry picked from commit 670b4e29ad)

This commit was accidentally merged to 17.09 but was intended for
master. This is the cherry-pick to master.
This commit is contained in:
gwitmond 2017-09-18 13:21:44 +02:00 committed by Franz Pletz
parent 38c14d7132
commit bd52618c9d
No known key found for this signature in database
GPG key ID: 846FDED7792617B4
4 changed files with 14 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
nixos/modules/config/networking.nix
View file

@ -9,7 +9,9 @@ let
cfg = config.networking; cfg = config.networking;
dnsmasqResolve = config.services.dnsmasq.enable && dnsmasqResolve = config.services.dnsmasq.enable &&
config.services.dnsmasq.resolveLocalQueries; config.services.dnsmasq.resolveLocalQueries;
hasLocalResolver = config.services.bind.enable || dnsmasqResolve; bindResolve = config.services.bind.enable &&
config.services.bind.resolveLocalQueries;
hasLocalResolver = bindResolve || dnsmasqResolve;
resolvconfOptions = cfg.resolvconfOptions resolvconfOptions = cfg.resolvconfOptions
++ optional cfg.dnsSingleRequest "single-request" ++ optional cfg.dnsSingleRequest "single-request"

9
nixos/modules/services/networking/bind.nix
View file

@ -151,6 +151,15 @@ in
"; ";
}; };
resolveLocalQueries = mkOption {
type = types.bool;
default = true;
description = ''
Whether bind should resolve local queries (i.e. add 127.0.0.1 to
/etc/resolv.conf, overriding networking.nameserver).
'';
};
}; };
}; };

2
nixos/modules/services/networking/dnsmasq.nix
View file

@ -42,7 +42,7 @@ in
default = true; default = true;
description = '' description = ''
Whether dnsmasq should resolve local queries (i.e. add 127.0.0.1 to Whether dnsmasq should resolve local queries (i.e. add 127.0.0.1 to
/etc/resolv.conf). /etc/resolv.conf overriding networking.nameservers).
''; '';
}; };

2
nixos/modules/tasks/network-interfaces-scripted.nix
View file

@ -105,7 +105,7 @@ let
'' ''
# Set the static DNS configuration, if given. # Set the static DNS configuration, if given.
${pkgs.openresolv}/sbin/resolvconf -m 1 -a static <<EOF ${pkgs.openresolv}/sbin/resolvconf -m 1 -a static <<EOF
${optionalString (cfg.nameservers != [] && cfg.domain != null) '' ${optionalString (cfg.domain != null) ''
domain ${cfg.domain} domain ${cfg.domain}
''} ''}
${optionalString (cfg.search != []) ("search " + concatStringsSep " " cfg.search)} ${optionalString (cfg.search != []) ("search " + concatStringsSep " " cfg.search)}