From 6cab771a3068903d03e8393b7ae92a361f929dd2 Mon Sep 17 00:00:00 2001
From: Dominik Polakovics <dominik.polakovics@cloonar.com>
Date: Fri, 1 Dec 2023 00:40:36 +0100
Subject: [PATCH] change unbound interface

---
 hosts/fw.cloonar.com/modules/unbound.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hosts/fw.cloonar.com/modules/unbound.nix b/hosts/fw.cloonar.com/modules/unbound.nix
index 196302c..4eb366a 100644
--- a/hosts/fw.cloonar.com/modules/unbound.nix
+++ b/hosts/fw.cloonar.com/modules/unbound.nix
@@ -3,7 +3,8 @@
     enable = true;
     settings = {
       server = {
-        interface = [ "127.0.0.1" "10.42.96.1" "10.42.97.1" "10.42.99.1" "10.42.254.1" ];
+        interface = [ "0.0.0.0" "::0" ];
+        access-control = [ "127.0.0.0/8" "10.42.96.0/24" "10.42.97.0/24" "10.42.98.0/24" "10.42.99.0/24" "10.42.254.0/24" ];
         tls-cert-bundle = "/var/lib/acme/fw.cloonar.com/fullchain.pem";
         local-zone = "\"cloonar.com\" transparent";
         local-data = [