the NixCon venue WiFi kept poisoning our DNS caches, so i wrote this in delayed anger gist.github.com/edef1c/1a4eeb6
(nb, this depends on @qyliss's doh-stub package github.com/NixOS/nixpkgs/pull/)

i'll make it a properly configurable NixOS module instead of hardcoding CloudFlare (and update the gist) once i actually wake up and get out of bed, might be a while

@edef @qyliss What the heck are the DNS caches there doing??

Does the network do other evil things like blocking DNS at the border to prevent people running resolvers on their own laptops?

