From b91d2b406d987f92792dfe6fbe8d6097e5770634 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Geoffrey=20=E2=80=9CFrogeye=E2=80=9D=20Preud=27homme?=
 <geoffrey@frogeye.fr>
Date: Sun, 19 Oct 2025 10:33:21 +0200
Subject: [PATCH] dnsmasq on loopback only

---
 os/dns/default.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/os/dns/default.nix b/os/dns/default.nix
index 0e93a0c..db01791 100644
--- a/os/dns/default.nix
+++ b/os/dns/default.nix
@@ -8,6 +8,10 @@
       # Not an issue for routing, but we need local DNS with conditional forwarding.
       enable = true;
       resolveLocalQueries = true;
+      settings = {
+        interface = "lo"; # Bind on loopback interface only, so other interface (e.g. libvirt) can run their own DNS server
+        bind-interfaces = true; # Required for above to do anything
+      };
     };
   };
 }