From 8047fb2c82969c34a4832ebe5330700636375517 Mon Sep 17 00:00:00 2001
From: Sonny Bakker <sonny871@hotmail.com>
Date: Sat, 26 Apr 2025 17:28:26 +0200
Subject: [PATCH] Use dns over TLS & enable DNSSEC

---
 host_vars/fudiggity/network.yml    | 2 +-
 templates/network/link1.network.j2 | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/host_vars/fudiggity/network.yml b/host_vars/fudiggity/network.yml
index 9653d27..6ac2512 100644
--- a/host_vars/fudiggity/network.yml
+++ b/host_vars/fudiggity/network.yml
@@ -3,7 +3,7 @@ network_mac: '00:1b:21:3b:50:e2'
 
 lan_ip: '192.168.2.1'
 lan_gateway: '192.168.2.254'
-lan_dns: '192.168.2.254'
+lan_dns: 9.9.9.9 149.112.112.112
 lan_prefix: 24
 domain_name: 'fudiggity.nl'
 
diff --git a/templates/network/link1.network.j2 b/templates/network/link1.network.j2
index b7c3a53..fbd0b17 100644
--- a/templates/network/link1.network.j2
+++ b/templates/network/link1.network.j2
@@ -6,5 +6,10 @@ Name={{ network_interface }}
 [Network]
 Address={{ lan_ip }}/{{ lan_prefix }}
 Gateway={{ lan_gateway }}
+
 DNS={{ lan_dns }}
+DNSOverTLS=yes
+DNSSEC=yes
+
+RequiredForOnline=routable
 IgnoreCarrierLoss=yes