Difference between revisions of "Talk:Dnscrypt-proxy"

From ArchWiki
Jump to navigation Jump to search
m (correct section title)
(DNSCrypt is down?)
Line 41: Line 41:
  
 
::But this is with the old configuration file, not the new one? Also it seems like this only covers unbound but what about e.g. dnsmasq? {{unsigned|16:21, 30 December 2016|Utini2000}}
 
::But this is with the old configuration file, not the new one? Also it seems like this only covers unbound but what about e.g. dnsmasq? {{unsigned|16:21, 30 December 2016|Utini2000}}
 +
 +
== DNSCrypt download page and github project seems to be down ==
 +
 +
All I could find was this Reddit thread [https://twitter.com/jedisct1/status/928942292202860544] and a [https://github.com/DNSCrypt/dnscrypt-proxy new Github project here] [https://github.com/dyne/dnscrypt-proxy and here]

Revision as of 03:18, 8 January 2018

Revise or remove?

No matter how well it's written, this basically does what the instanced services method does, but users make the individual socket and service files by hand. Even if individual resolvers need different configurations, that could be achieved by overriding the instanced services. Some of this I would recycle into the instanced services section (Tip, Lastly). quequotion (talk) 16:04, 25 January 2017 (UTC)

Draft

Redundant DNSCrypt providers

To use additional dnscrypt providers, copy /usr/lib/systemd/system/dnscrypt-proxy.service to a new file, /etc/systemd/system/dnscrypt-proxy-short-name.here.service and specify a different resolver using the -R flag with a short name from dnscrypt-resolvers.csv.

Tip: Any other options you wish to use with this resolver should be specified on this command line; the use of a config file with command line options is unsupported.
[Service]
ExecStart=
ExecStart=/usr/bin/dnscrypt-proxy -R short-name.here

Then copy /usr/lib/systemd/system/dnscrypt-proxy.socket to a new file, /etc/systemd/system/dnscrypt-proxy-short-name.here.socket and, specify another port.

Comment: This is a cheapened version of the multiple instances method; considering to delete the above and move the below under "Create instanced systemd service". quequotion (talk) 02:46, 26 March 2017 (UTC)

Lastly, update your local DNS cache program to point to new service's port. For example, with unbound the configuration file would look like if using ports 5353 for the original socket and 5354 for the new socket.

Comment: command-line options override the configuration file (when run as a systemd service at least) quequotion (talk) 15:29, 24 January 2017 (UTC)
Comment: If this is the case, it is a bug - the man page says OPTIONS (ignored when a configuration file is provided). -- Lahwaacz (talk) 13:18, 24 January 2017 (UTC)
Comment: That's bad news; this is definetly the case. So users who want redundant / instanced services need to specify all their options on the command line and that's fine with me. quequotion (talk) 13:34, 24 January 2017 (UTC)
Comment: Or simply have multiple config files and an instantiated service similar to this one to select the right config. -- Lahwaacz (talk) 13:45, 24 January 2017 (UTC)
Comment: Sounds good; putting this back into the proposal with some adjustments. quequotion (talk) 14:15, 24 January 2017 (UTC)
Comment: The more I boil down the method above, the more it seems like it would be more sensible to remove it from the page entirely and just recommend the instances method. quequotion (talk) 15:07, 24 January 2017 (UTC)

Backup DNSCrypt resolver - especially with the new configuration file

Usually when setting a dns resolver you will always have the option to set a second/backup dns resolver (android,windows,networkmanager,router, what ever).

I think the wiki should cover a way on how to achieve the same with dnscrypt. Especially as some if the dnscrypt resolvers like to go offline every now and then (looking at you dnscrypt.eu-nl).

I have a running setup (which caused me some struggles to achieve that setup) but I have no idea how to replicate it. Espcially with the new configuration file which seems like it will only cover one dnscrypt instance?

Right now I have 2x dnscrypt running in systemd and the resolver.conf will choose which ever is online/working.

—This unsigned comment is by Utini2000 (talk) 11:56, 30 December 2016‎. Please sign your posts with ~~~~!

It already describes that: DNSCrypt#Redundant_DNSCrypt_providers -- Lahwaacz (talk) 12:02, 30 December 2016 (UTC)
But this is with the old configuration file, not the new one? Also it seems like this only covers unbound but what about e.g. dnsmasq? —This unsigned comment is by Utini2000 (talk) 16:21, 30 December 2016. Please sign your posts with ~~~~!

DNSCrypt download page and github project seems to be down

All I could find was this Reddit thread [1] and a new Github project here and here