From aba86e6d02de6fa78f1fe47c116bbc4c18525d9c Mon Sep 17 00:00:00 2001
From: Giulio De Pasquale <git@depasquale.giugl.io>
Date: Tue, 22 Apr 2025 15:19:04 +0100
Subject: [PATCH] feat: TLS dns

---
 hosts/architect/dns.nix | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/hosts/architect/dns.nix b/hosts/architect/dns.nix
index 5534dac..393c0a9 100644
--- a/hosts/architect/dns.nix
+++ b/hosts/architect/dns.nix
@@ -58,12 +58,15 @@ in
     coredns = {
       enable = true;
       config = ''
-        ${generateCoreDNSConfig allDomains}
+                ${generateCoreDNSConfig allDomains}
                           
-        . {
-          cache
-          forward . 45.90.28.77 45.90.30.77
-        }
+                . {
+                  cache
+                  forward . tls://45.90.28.77 tls://45.90.30.77 tls://2a07:a8c0::d6:5174 tls://2a07:a8c1::d6:5174 {
+                    tls_servername architect-d65174.dns.nextdns.io
+
+                    health_check 5s
+                  }
       '';
     };
   };