From 978e7c2a1a971e81af9c8d6d7ee60f41e1f8ff8a Mon Sep 17 00:00:00 2001
From: Charlotte Van Petegem <charlotte@vanpetegem.be>
Date: Tue, 30 Jan 2024 16:41:11 +0100
Subject: [PATCH] wireguard: Change private TLD to internal

https://www.theregister.com/2024/01/29/icann_internal_tld/
---
 modules/base/network/wireguard.nix | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/modules/base/network/wireguard.nix b/modules/base/network/wireguard.nix
index 75fc14e7..b68c9862 100644
--- a/modules/base/network/wireguard.nix
+++ b/modules/base/network/wireguard.nix
@@ -58,10 +58,10 @@ in
             "127.0.0.0/8 allow"
             "10.240.0.0/24 allow"
           ];
-          private-domain = "private";
-          domain-insecure = "private";
-          local-zone = builtins.map (name: ''"${name}.private" redirect'') (builtins.attrNames data);
-          local-data = builtins.map (name: ''"${name}.private IN A ${data.${name}.ip}"'') (builtins.attrNames data);
+          private-domain = "internal";
+          domain-insecure = "internal";
+          local-zone = builtins.map (name: ''"${name}.internal" redirect'') (builtins.attrNames data);
+          local-data = builtins.map (name: ''"${name}.internal IN A ${data.${name}.ip}"'') (builtins.attrNames data);
         };
         forward-zone = {
           name = ''"."'';
@@ -120,7 +120,7 @@ in
           enable = true;
           name = "wg0";
           address = [ "${data.${config.networking.hostName}.ip}/32" ];
-          domains = [ "private" ];
+          domains = [ "internal" ];
           dns = [ data.lasting-integrity.ip ];
           linkConfig.MTUBytes = "1342";
           routes = [{