From 81596f07dc34deb33cca8f27861f511cc8c4c241 Mon Sep 17 00:00:00 2001
From: Daniel Kempkens <daniel+git@kempkens.io>
Date: Sat, 20 Jul 2024 18:15:04 +0200
Subject: [PATCH] unbound: fix tailscale reverse lookup

---
 system/nixos/unbound.nix | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/system/nixos/unbound.nix b/system/nixos/unbound.nix
index 3528bfb..3fa6cf2 100644
--- a/system/nixos/unbound.nix
+++ b/system/nixos/unbound.nix
@@ -1,3 +1,5 @@
+{ lib, ... }:
+
 {
   services.unbound = {
     enable = true;
@@ -39,16 +41,17 @@
         ];
       };
 
-      forward-zone = [
-        # {
-        #   name = "10.64.100.in-addr.arpa.";
-        #   forward-addr = "100.100.100.100";
-        # }
-        #
-        # {
-        #   name = "0.1.0.1.0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa.";
-        #   forward-addr = "100.100.100.100";
-        # }
+      forward-zone = (builtins.map
+        (octet:
+          {
+            name = "${builtins.toString octet}.100.in-addr.arpa.";
+            forward-addr = "100.100.100.100";
+          })
+        (lib.range 64 127)) ++ [
+        {
+          name = "0.0.0.0.0.0.0.0.0.0.0.0.0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa.";
+          forward-addr = "100.100.100.100";
+        }
 
         {
           name = "in-addr.arpa.";