nox/systems/resolv-dns.noc.eh22.intern/system.nix

{
  pkgs,
  lib,
  ...
}:
let
  renameLink = macAddr: newName: {
    matchConfig = {
      MACAddress = macAddr;
      Type = "ether";
    };
    linkConfig = {
      Name = newName;
    };
  };
in
{
  imports = [ ];

  # configure network for dns server
  services.resolved.enable = false;
  networking.firewall = {
    allowedTCPPorts = [ 53 ];
    allowedUDPPorts = [ 53 ];
  };
  networking = {
    interfaces.ens18 = {
      ipv4.addresses = [
        {
          address = "94.45.254.6";
          prefixLength = 25;
        }
      ];
    };
    defaultGateway = "94.45.254.1";
  };
  
  environment.etc."resolv.conf".text = ''
    search noc.eh22.intern eh22.intern
    nameserver 94.45.254.6
    nameserver 9.9.9.9
  '';

  # enable knot resolv server
  # ref: https://search.nüschtos.de/?query=services.kresd
  #      https://www.knot-resolver.cz/documentation/stable/
  services.kresd = {
    enable = true;
    instances = 1;
    listenPlain = [ "53" ];
    extraConfig = builtins.readFile ./kresd-config.lua;
  };

  # DO NOT CHANGE
  # this defines the first version of NixOS that was installed on the machine so that programs with non-migratable data files are kept compatible
  home-manager.users.noc.home.stateVersion = "24.11";
  system.stateVersion = "24.11";
}