Add secondary DNS server

home-manager/users/jal.nix

@@ -12,7 +12,7 @@ let
     #"10.96.8.0/24" # Boomi
     #"10.96.10.0/24" # Boomi (new)
     "10.96.0.0/16"
-    "10.170.254.30/32" # core DNS resolver
+    "10.170.254.30/32" "10.170.254.40/32" # core DNS resolver
   ];
   vpnc-script = pkgs.writeShellScript "vpnc-script-tb" ''
     cisco_split_inc="$CISCO_SPLIT_INC"

hosts/hafnium/configuration.nix

@@ -1,5 +1,11 @@
 { lib, config, pkgs, self, system, ... }:
 
+let
+  tradebyteDnsServers = [
+    "10.170.254.30"
+    "10.170.254.40"
+  ];
+in
 {
   imports = [
     ./hardware-configuration.nix
@@ -106,20 +112,20 @@
     };
   };
 
-  services.dnsmasq.settings.server = [
-    "/vpce-0de71527ea27288f3-9op2d61c-eu-central-1b.s3.eu-central-1.vpce.amazonaws.com/10.170.254.30"
-    "/vpce-0de71527ea27288f3-9op2d61c.s3.eu-central-1.vpce.amazonaws.com/10.170.254.30"
-    "/ccs.tradebyte.com/10.170.254.30"
-    "/corp.ad.zalando.net/10.160.19.100"
-    "/develop.sys.tradebyte.com/10.0.3.1"
-    "/instance.tradebyte.com/10.170.254.30"
+  services.dnsmasq.settings.server = lib.lists.flatten (
+    map (domain: (map (srv: "/${domain}/${srv}") tradebyteDnsServers)) [
+    "vpce-0c1c169d1e33a1c2f-yugtdam1.s3.eu-central-1.vpce.amazonaws.com"
+    "ccs.tradebyte.com"
+    "instance.tradebyte.com"
+  ]) ++ [
     "/internal.production.core.tradebyte.com/10.158.224.2"
     "/internal.development.core.tradebyte.com/10.170.254.30"
     "/rds.amazonaws.com/9.9.9.9"
     "/tradebyte.com/9.9.9.9"
     "/tradebyte.org/9.9.9.9"
+    "/develop.sys.tradebyte.com/10.0.3.1"
+    "/corp.ad.zalando.net/10.160.19.100"
   ];
-
   services.actkbd = {
     enable = true;
     bindings = [