diff options
Diffstat (limited to 'net-dns/dnscrypt-proxy/files')
7 files changed, 140 insertions, 74 deletions
diff --git a/net-dns/dnscrypt-proxy/files/config-full-paths-r2.patch b/net-dns/dnscrypt-proxy/files/config-full-paths-r2.patch new file mode 100644 index 000000000000..b693f1abbb32 --- /dev/null +++ b/net-dns/dnscrypt-proxy/files/config-full-paths-r2.patch @@ -0,0 +1,95 @@ +--- dnscrypt-proxy-2.0.0/dnscrypt-proxy/example-dnscrypt-proxy.toml 2018-02-06 10:33:58.000000000 -0800 ++++ dnscrypt-proxy-2.0.0/dnscrypt-proxy/dnscrypt-proxy.toml 2018-02-09 19:15:00.105927884 -0800 +@@ -85,7 +85,7 @@ + + ## log file for the application + +-# log_file = 'dnscrypt-proxy.log' ++# log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log' + + + ## Use the system logger (syslog on Unix, Event Log on Windows) +@@ -140,7 +140,7 @@ + ## example.com 9.9.9.9 + ## example.net 9.9.9.9,8.8.8.8 + +-# forwarding_rules = 'forwarding-rules.txt' ++# forwarding_rules = '/etc/dnscrypt-proxy/forwarding-rules.txt' + + + +@@ -156,7 +156,7 @@ + ## example.com 10.1.1.1 + ## www.google.com forcesafesearch.google.com + +-# cloaking_rules = 'cloaking-rules.txt' ++# cloaking_rules = '/etc/dnscrypt-proxy/cloaking-rules.txt' + + + +@@ -200,7 +200,7 @@ + + ## Path to the query log file (absolute, or relative to the same directory as the executable file) + +- # file = 'query.log' ++ # file = '/var/log/dnscrypt-proxy/query.log' + + + ## Query log format (currently supported: tsv and ltsv) +@@ -226,7 +226,7 @@ + + ## Path to the query log file (absolute, or relative to the same directory as the executable file) + +- # file = 'nx.log' ++ # file = '/var/log/dnscrypt-proxy/nx.log' + + + ## Query log format (currently supported: tsv and ltsv) +@@ -255,12 +255,12 @@ + + ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file) + +- # blacklist_file = 'blacklist.txt' ++ # blacklist_file = '/etc/dnscrypt-proxy/blacklist.txt' + + + ## Optional path to a file logging blocked queries + +- # log_file = 'blocked.log' ++ # log_file = '/var/log/dnscrypt-proxy/blocked.log' + + + ## Optional log format: tsv or ltsv (default: tsv) +@@ -283,12 +283,12 @@ + + ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file) + +- # blacklist_file = 'ip-blacklist.txt' ++ # blacklist_file = '/etc/dnscrypt-proxy/ip-blacklist.txt' + + + ## Optional path to a file logging blocked queries + +- # log_file = 'ip-blocked.log' ++ # log_file = '/var/log/dnscrypt-proxy/ip-blocked.log' + + + ## Optional log format: tsv or ltsv (default: tsv) +@@ -357,7 +357,7 @@ + + [sources.'public-resolvers'] + url = 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md' +- cache_file = 'public-resolvers.md' ++ cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md' + minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + refresh_delay = 72 + prefix = '' +@@ -367,7 +367,7 @@ + + # [sources.'parental-control'] + # url = 'https://download.dnscrypt.info/resolvers-list/v2/parental-control.md' +- # cache_file = 'parental-control.md' ++ # cache_file = '/var/cache/dnscrypt-proxy/parental-control.md' + # minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + + diff --git a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.confd b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.confd deleted file mode 100644 index ceedd454b5fb..000000000000 --- a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.confd +++ /dev/null @@ -1,7 +0,0 @@ -DNSCRYPT_LOCALIP=127.0.0.1 -DNSCRYPT_LOCALPORT=53 -DNSCRYPT_USER=dnscrypt -DNSCRYPT_PROVIDER_NAME=2.dnscrypt-cert.opendns.com -DNSCRYPT_PROVIDER_KEY=B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79 -DNSCRYPT_RESOLVERIP=208.67.220.220 -DNSCRYPT_RESOLVERPORT=443 diff --git a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.confd-r2 b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.confd-r2 new file mode 100644 index 000000000000..9934e828b82a --- /dev/null +++ b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.confd-r2 @@ -0,0 +1,3 @@ +#DNSCRYPT_OPTS="--config /etc/dnscrypt-proxy/dnscrypt-proxy.toml" +#DNSCRYPT_USER="dnscrypt" +#DNSCRYPT_GROUP="dnscrypt" diff --git a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.initd b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.initd deleted file mode 100644 index 9b07d7d47d82..000000000000 --- a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.initd +++ /dev/null @@ -1,47 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -DNSCRYPT_LOGFILE=${DNSCRYPT_LOGFILE:-/var/log/dnscrypt-proxy.log} - -rundir=${rundir:-/var/run/dnscrypt-proxy} -pidfile=${pidfile:-${rundir}/dnscrypt-proxy.pid} -rundir=${rundir:-/var/run/dnscrypt-proxy} -runas_user=${runas_user:-dnscrypt} -runas_group=${runas_user:-dnscrypt} - -depend() { - use net - before dns - after logger -} - -start() { - if [ ! -d "${rundir}" ]; then - mkdir "${rundir}" - if [ -n "${runas_user}" ]; then - touch "${DNSCRYPT_LOGFILE}" - chown ${runas_user}:${runas_group} "${DNSCRYPT_LOGFILE}" - chown -R ${runas_user}:${runas_group} "${rundir}" - fi - fi - - ebegin "Starting dnscrypt-proxy" - start-stop-daemon --start --quiet \ - --exec /usr/sbin/dnscrypt-proxy \ - -- \ - --pidfile="${pidfile}" \ - --logfile="${DNSCRYPT_LOGFILE}" \ - --daemonize --user=${runas_user} \ - --local-address=${DNSCRYPT_LOCALIP}:${DNSCRYPT_LOCALPORT} \ - --resolver-address=${DNSCRYPT_RESOLVERIP}:${DNSCRYPT_RESOLVERPORT} \ - --provider-name=${DNSCRYPT_PROVIDER_NAME} \ - --provider-key=${DNSCRYPT_PROVIDER_KEY} - eend $? -} - -stop() { - ebegin "Stopping dnscrypt-proxy" - start-stop-daemon --stop --quiet --exec /usr/sbin/dnscrypt-proxy - eend $? -} diff --git a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.initd-r2 b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.initd-r2 new file mode 100644 index 000000000000..dcccd83dab3d --- /dev/null +++ b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.initd-r2 @@ -0,0 +1,19 @@ +#!/sbin/openrc-run +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +command="/usr/bin/dnscrypt-proxy" +command_args="${DNSCRYPT_OPTS:---config /etc/dnscrypt-proxy/dnscrypt-proxy.toml}" +command_user="${DNSCRYPT_USER:-dnscrypt}:${DNSCRYPT_GROUP:-dnscrypt}" +pidfile="/run/${SVCNAME}.pid" +start_stop_daemon_args="--background --make-pidfile" + +depend() { + use net logger + provide dns +} + +start_pre() { + checkpath -q -d -m 0775 -o "${command_user}" /var/cache/"${SVCNAME}" + checkpath -q -d -m 0775 -o "${command_user}" /var/log/"${SVCNAME}" +} diff --git a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.service b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.service deleted file mode 100644 index 4403254280a2..000000000000 --- a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.service +++ /dev/null @@ -1,20 +0,0 @@ -[Unit] -Description=A tool for securing communications between a client and a DNS resolver - -[Service] -Type=simple -PIDFile=/var/run/dnscrypt-proxy.pid -EnvironmentFile=/etc/conf.d/dnscrypt-proxy -ExecStartPre=/bin/rm -f /var/run/dnscrypt-proxy.pid -ExecStart=/usr/sbin/dnscrypt-proxy \ - --pidfile=/var/run/dnscrypt-proxy.pid \ - --logfile=/var/log/dnscrypt-proxy.log \ - --local-address=${DNSCRYPT_LOCALIP}:${DNSCRYPT_LOCALPORT} \ - --resolver-address=${DNSCRYPT_RESOLVERIP}:${DNSCRYPT_RESOLVERPORT} \ - --provider-name=${DNSCRYPT_PROVIDER_NAME} \ - --provider-key=${DNSCRYPT_PROVIDER_KEY} \ - --user=${DNSCRYPT_USER} -Restart=on-abort - -[Install] -WantedBy=multi-user.target diff --git a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.service-r2 b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.service-r2 new file mode 100644 index 000000000000..745b094aaa16 --- /dev/null +++ b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.service-r2 @@ -0,0 +1,23 @@ +[Unit] +Description=DNSCrypt client proxy +Documentation=https://github.com/jedisct1/dnscrypt-proxy/wiki +Requires=dnscrypt-proxy.socket +After=network.target +Before=nss-lookup.target +Wants=nss-lookup.target + +[Install] +Also=dnscrypt-proxy.socket +WantedBy=multi-user.target + +[Service] +User=dnscrypt +Group=dnscrypt +Type=simple +NonBlocking=true +ExecStart=/usr/bin/dnscrypt-proxy --config /etc/dnscrypt-proxy/dnscrypt-proxy.toml +ProtectHome=true +CacheDirectory=dnscrypt-proxy +LogsDirectory=dnscrypt-proxy +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE |