nixpkgs/nixos/modules
TobTobXX 26fbd1adbe
nixos/bind: Fix cacheNetworks option
services.bind.cacheNetworks should only apply to recursive queryies, as
per the option documentation:
> Note that this is for recursive queries – all networks are allowed to
> query zones configured with the zones option by default [...].

This would correspond to the `allow-query-cache` option in named.conf,
as per the BIND docs[1]:
> Specifies which hosts (an IP address list) can access this server’s
> cache and thus effectively controls recursion.

And not `allow-query`, which restricts all requests (including requests
where the server has authority) [2]:
> Specifies which hosts (an IP address list) are allowed to send queries
> to this resolver.
> [...]
> Note:
> `allow-query-cache` is used to specify access to the cache.

[1]: https://bind9.readthedocs.io/en/v9.20.0/reference.html#namedconf-statement-allow-query-cache
[2]: https://bind9.readthedocs.io/en/v9.20.0/reference.html#namedconf-statement-allow-query
2024-11-20 10:47:06 +01:00
..
config 24.11 beta release 2024-11-14 09:02:09 -08:00
hardware nixos/graphics: clarify assertion message for enable32Bit configuration (#355033) 2024-11-12 06:17:47 +03:00
i18n/input-method doc: document ibus-engine for Chinese input in input-methods section (#319953) 2024-11-01 22:28:44 +08:00
image nixos/image/repart: unsafeDiscardReferences.out = true 2024-10-10 11:48:36 +02:00
installer nixos/tools: add enable options to manual 2024-11-18 16:22:41 +01:00
misc 24.11 beta release 2024-11-14 09:02:09 -08:00
profiles nixos/{demo,installer/virtualbox-demo}: drop 2024-11-07 23:41:51 +00:00
programs nixos/pay-respects: actually import the module (#356231) 2024-11-19 20:56:02 +01:00
security nixos/acme: make address families in systemd service less restrictive 2024-11-19 01:40:59 +01:00
services nixos/bind: Fix cacheNetworks option 2024-11-20 10:47:06 +01:00
system nixos/networkd: warn about naively replacing IPForward (#356955) 2024-11-18 20:10:52 -08:00
tasks nixos/network-interfaces-systemd: improve default ethernet network matching (#347283) 2024-11-18 21:18:19 -08:00
testing nixos/test-instrumentation: forward journald to correct tty also in systemd initrd 2024-10-18 10:08:29 +02:00
virtualisation nixos/incus: add incus-user service and socket 2024-11-13 12:25:40 +01:00
module-list.nix nixos/pay-respects: actually import the module (#356231) 2024-11-19 20:56:02 +01:00
rename.nix nixos: remove boot.loader.raspberryPi 2024-11-17 12:33:57 +01:00