[guide] how-to setup a sys-dns qube revisions

Go back to topic: [guide] how-to setup a sys-dns qube

  1. v7 anchor; v7 full version
  2. v6 anchor; v6 full version
  3. v5 anchor; v5 full version
  4. v4 anchor; v4 full version
  5. v3 anchor; v3 full version
  6. v2 anchor; v2 full version

Revision #7

Edited on
2023-09-07
Edited by user
deeplow

Revision #6

Edited on
2022-09-19
Edited by user
ckN6QwSZ
set in `/etc/dnscrypt-proxy/dnscrypt-proxy.toml`. set in `/etc/dnscrypt-proxy/dnscrypt-proxy.toml`. I disabled `systemd-resolved` in the template, it might be possible to deinstall it. Actually I like systemd but sometimes systemd (and others like NetworkManager) do stuff in the background which I do not fully understand.

Revision #5

Edited on
2022-09-19
Edited by user
ckN6QwSZ
[user@dom0 ~]$ qvm-shutdown --force sys-firewall [user@dom0 ~]$ qvm-prefs sys-firewall netvm sys-dns
Shutdown `fedora-36-minimal-dns`, then start `sys-dns` and restart `sys-firewall`: If you want to configure `dnscrypt-proxy` the easiest way to achieve persitance is doing that in the template:
[user@dom0 ~]$ qvm-run -u root fedora-36-minimal xterm ``` From my point of view the most interesting settings are located in the following files: ``` [user@fedora-36-minimal]~% nano /etc/dnscrypt-proxy/dnscrypt-proxy.toml [user@fedora-36-minimal]~% nano /etc/dnscrypt-proxy/captive-portals.txt [user@fedora-36-minimal]~% nano /etc/dnscrypt-proxy/cloaking-rules.txt ``` I.e. you need to have ``` listen_addresses = ['127.0.0.1:53'] ``` set in `/etc/dnscrypt-proxy/dnscrypt-proxy.toml`. After setting everything up to your needs `fedora-36-minimal-dns` and `fedora-36-minimal` have to be shutdown. Then start `sys-dns` and point `sys-firewall` to `sys-dns`: ``` [user@dom0 ~]$ qvm-shutdown fedora-36-minimal
[user@dom0 ~]$ qvm-start sys-firewall [user@dom0 ~]$ qvm-prefs sys-firewall netvm sys-dns

Revision #4

Edited on
2022-09-19
Edited by user
ckN6QwSZ

Revision #3

Edited on
2022-09-19
Edited by user
ckN6QwSZ
I used to run dnscrypt-proxy inside of sys-net to encrypt and secure dns-requests. Meanwhile I moved the service to a separate sys-dns and I would like to share the setup with the community: I used to run `dnscrypt-proxy` inside of `sys-net` to encrypt and secure dns-requests. Meanwhile I moved the service to a separate `sys-dns` and would like to share the setup with the community. Prerequisite is a `fedora-36-minimal` and `fedora-36-minimal-dvm` with `dnscrypt-proxy` installed and disabled.
[user@dom0 ~]$ qvm-shutdown --force sys-firewall
Change /rw/config/rc.local in fedora-36-minimal-dns as follows: Change `/rw/config/rc.local` in `fedora-36-minimal-dns` as follows:
Shutdown fedora-36-minimal-dns and start sys-dns: Shutdown `fedora-36-minimal-dns`, then start `sys-dns` and restart `sys-firewall`:
[user@dom0 ~]$ qvm-start sys-firewall

Revision #2

Edited on
2022-09-19
Edited by user
ckN6QwSZ
I used to run dnscrypt-proxy inside of sys-net to encrypt and secure dns-requests. Meanwhile I moved the service to a separate sys-dns. I used to run dnscrypt-proxy inside of sys-net to encrypt and secure dns-requests. Meanwhile I moved the service to a separate sys-dns and I would like to share the setup with the community:
[user@dom0 ~]$ qvm-clone fedora-36-minimal-dvm fedora-36-minimal-dns
[user@dom0 ~]$ qvm-prefs sys-firewall netvm sys-dns
Change /rw/config/rc.local in fedora-36-minimal-dns as follows:
[user@fedora-36-minimal-dns]~% nano /rw/config/rc.local [user@fedora-36-minimal-dns]~% cat /rw/config/rc.local
``` Shutdown fedora-36-minimal-dns and start sys-dns: ``` [user@dom0 ~]$ qvm-shutdown fedora-36-minimal-dns [user@dom0 ~]$ qvm-start sys-dns