nix: allow wireguard + logs

This commit is contained in:
Quentin 2023-04-28 09:26:32 +02:00
parent af82308e84
commit 3befdea206
Signed by untrusted user: quentin
GPG key ID: E9602264D639FF68

View file

@ -201,10 +201,15 @@ in
domain-insecure = [ "consul." ]; domain-insecure = [ "consul." ];
local-zone = [ "consul. nodefault" ]; local-zone = [ "consul. nodefault" ];
log-servfail = true; log-servfail = true;
verbosity = 1;
log-queries = true;
use-syslog = false;
logfile = "/dev/stdout";
access-control = [ access-control = [
"127.0.0.0/8 allow" "127.0.0.0/8 allow"
"${cfg.lan_ip}/${toString cfg.lan_ip_prefix_length} allow" "${cfg.lan_ip}/${toString cfg.lan_ip_prefix_length} allow"
"172.17.0.0/16 allow" "172.17.0.0/16 allow"
"10.83.0.0/16 allow"
]; ];
}; };
forward-zone = [ forward-zone = [