Open bashfulrobot opened 1 year ago
For the sake of completeness, I just run the command via systemd at boot.
```nix
systemd.services.nextdns-activate = {
  script = ''
    /run/current-system/sw/bin/nextdns activate
  '';
  after = [ "nextdns.service" ];
  wantedBy = [ "multi-user.target" ];
};
```
It has solved the issue for me (so far).
I'd also be interested in making this a better experience. On macOS, nix-darwin has it defined as a service, but it simply installs the nextdns binary and creates a launchctl config, but doesn't run the nextdns install step or activate the service.
Things changed some time ago and since I was busy I just followed the NextDNS "Setup Guide" instructions to go through `systemd-resolved` instead of the CLI, which was at one time the recommended setup and what led to the current implementation of `services.nextdns`.
Here's what I use now, instead of `services.nextdns`:
```nix
services.resolved = {
  enable = true;
  extraConfig = ''
    [Resolve]
    DNS=45.90.28.0#xxxxxx.dns.nextdns.io
    DNS=2a07:a8c0::#xxxxxx.dns.nextdns.io
    DNS=45.90.30.0#xxxxxx.dns.nextdns.io
    DNS=2a07:a8c1::#xxxxxx.dns.nextdns.io
    DNSOverTLS=yes
  '';
};
```
NextDNS now recommends (blue badge) using `systemd-resolved` under the setup guide for Linux so maybe we could simplify this by simply taking a profile identifier to configure as above.
Based on @pnelson's suggestion, I have the following in `nextdns.nix`:
```nix
{ config, lib, ... }:
let
  cfg = config.services.myNextDNS;
in {
  options.services.myNextDNS = {
    enable = lib.mkEnableOption "Custom NextDNS configuration";
    nextdnsId = lib.mkOption {
      type = lib.types.str;
      description = "NextDNS configuration ID";
    };
  };
  config = lib.mkIf cfg.enable {
    services.resolved = {
      enable = true;
      extraConfig = ''
        [Resolve]
        DNS=45.90.28.0#${cfg.nextdnsId}.dns.nextdns.io
        DNS=2a07:a8c0::#${cfg.nextdnsId}.dns.nextdns.io
        DNS=45.90.30.0#${cfg.nextdnsId}.dns.nextdns.io
        DNS=2a07:a8c1::#${cfg.nextdnsId}.dns.nextdns.io
        DNSOverTLS=yes
      '';
    };
  };
}
```
It can be imported in your configuration with:
```nix
{ config, pkgs, ... }:
{
  imports = [
    ./nextdns.nix
  ];
  services.myNextDNS = {
    enable = true;
    nextdnsId = "xxxxxx"; # Replace with your actual NextDNS ID
  };
}
```
The ID should be treated as a secret, though. That part needs to be changed according to the secret management method you are using.
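A check for the `[Resolve]` settings used in the comments above, as an added example that is not part of the original thread: it flags a `resolved.conf` whose `DNSOverTLS` is not strict or whose `DNS=` entries lack the `#hostname` suffix, and masks the profile ID before output is shared. The function names and the sample configs (profile ID `abc123`) are constructed for illustration.

```python
import re

STRICT = {"yes", "true", "on", "1"}  # boolean "true" spellings systemd accepts

def audit_resolved(conf_text):
    """Return findings for the [Resolve] section; an empty list means OK."""
    section, servers, dot = None, [], None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        if section != "Resolve" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "DNS":
            # Entries accumulate across lines; an empty DNS= resets the list.
            servers = servers + value.split() if value else []
        elif key == "DNSOverTLS":
            dot = value.lower()
    findings = []
    if dot not in STRICT:
        findings.append(f"DNSOverTLS={dot or 'unset'}: not strict, "
                        "queries may leave the host unencrypted")
    if not servers:
        findings.append("no DNS= servers configured")
    for entry in servers:
        addr, _, name = entry.partition("#")
        if not name:
            findings.append(f"{addr}: no #hostname, so the certificate is "
                            "not checked against the profile hostname")
    return findings

def redact(text):
    """Mask the profile ID in front of .dns.nextdns.io before sharing."""
    return re.sub(r"#[^.\s#]+(?=\.dns\.nextdns\.io)", "#<redacted>", text)

# Constructed sample configs (abc123 is a made-up profile ID).
GOOD = """[Resolve]
DNS=45.90.28.0#abc123.dns.nextdns.io
DNS=2a07:a8c0::#abc123.dns.nextdns.io
DNSOverTLS=yes
"""
WEAK = """[Resolve]
DNS=45.90.28.0 45.90.30.0#abc123.dns.nextdns.io
DNSOverTLS=opportunistic
"""

if __name__ == "__main__":
    for label, conf in (("GOOD", GOOD), ("WEAK", WEAK)):
        print(label, [redact(f) for f in audit_resolved(conf)] or "ok")
```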
Issue description
I suspect there might be more configuration to use the nextdns package. Currently you need to run `sudo nextdns activate` on boot for it to work.
Steps to reproduce
configuration.nix
`sudo nextdns activate` then refresh the web page.
So I suspect it may need to be added to the docs with the recommended method.
Thank you.
Technical details
Please run `nix-shell -p nix-info --run "nix-info -m"` and paste the result.