From 35906841d80bce6195c7b98de156ad4597c2623e Mon Sep 17 00:00:00 2001 From: Alejandro Angulo Date: Sun, 9 Jul 2023 08:28:55 -0700 Subject: [PATCH] Added context for explicit DNS resolver --- modules/services/adguardhome/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/adguardhome/default.nix b/modules/services/adguardhome/default.nix index 72592d1..7836d47 100644 --- a/modules/services/adguardhome/default.nix +++ b/modules/services/adguardhome/default.nix @@ -49,6 +49,10 @@ in { # Wildcard cert certs."kilonull.com" = { dnsProvider = "cloudflare"; + # Private network resolves *.kilonull.com to private servers but `lego` + # (acme client under the hood) needs to find the cloudflare nameservers + # to determine the correct zone to apply changes in. Use cloudflare's + # own DNS to make `lego` happy (will resolve names to a public IP). dnsResolver = "1.1.1.1:53"; credentialsFile = config.age.secrets.cf_dns_kilonull.path; extraDomainNames = ["*.kilonull.com"];