How do you run DNSCrypt for s6? I have it as sudo s6-rc-bundle add default and I've followed the Arch wiki https://wiki.archlinux.org/title/Dnscrypt-proxy. Has anyone here got this working?
What exactly is your problem? does your service not start?
Yeah it's not starting, I still have a DNS leak afterwards.
I have the s6 scripts for DNSCrypt too.
share logs for dnscrypt at path
/var/log/dinit/
This directory doesn't exist for me.
I've never used this service before but installing it and starting it with the usual s6 command (s6-rc -u change dnscrypt-proxy) shows that the executable runs.
I'm getting "s6-rc-u command not found"
It's
s6-rc -u change dnscrypt-proxy
Notice the space.
I tried that too and I still have a DNS leak
Does DNSCrypt only work for systemd?
did you try setting your /etc/resolv.conf to your dnscrypt local ip?
Whatever change I make to resolv.conf it resets back to 127.0.0.1
Is the binary running? That's the important part. If dnscrypt-proxy is running, then you know it's not an s6 issue. You need to configure the application correctly (however you do that; I do not know).
It's a daemon process, I've tried dnsmasq, stubby and dnscrypt. None of these work for me for some reason. Looking around the Artix forum I've seen some people who've claimed they had it running but idk what they did to get it to work. I'm not going to bother working on this anymore unless someone can share the steps in getting this running.
https://wiki.archlinux.org/title/Domain_name_resolution#Overwriting_of_/etc/resolv.conf
Run dnscrypt-proxy from the terminal and see what it says.
[FATAL] Unable to load the configuration file [dnscrypt-proxy.toml] -- Maybe use the -config command-line switch?
/usr/bin/dnscrypt-proxy -config /etc/dnscrypt-proxy/dnscrypt-proxy.toml
try this command
Edit : https://gitea.artixlinux.org/artix/s6-services/src/commit/f825fe17f9b24edca05a6c9cae5083fbb14acada/dnscrypt-proxy/dnscrypt-proxy-srv/run#L3
service contain same line
Question : Do you use network manager? if so have you disabled network manager dns ?
I do but I've tried with and without network manager.
You want me to replace the command at the bottom of the script to [ /usr/bin/dnscrypt-proxy -config /etc/dnscrypt-proxy/dnscrypt-proxy.toml ] ?
What's the equivalent to a "socket" for s6? saw it in this tutorial https://youtube.com/watch?v=587F2-eKBqc
Also I did everything in this vid exactly the way he did it except for the systemd socket parts.
All unix systems have sockets. Systemd has a file format for specifying socket paths that can be used as part of the dependencies/services (no other init systems have that). This shouldn't actually matter though. Again, I have no idea how this program works, but presumably it just uses a path to make some socket file somewhere and it should be totally capable of doing that on its own.
Tried the systemd routing thing by making some dummy type files and it didn't work either
Stop going off track, what did executing
/usr/bin/dnscrypt-proxy -config /etc/dnscrypt-proxy/dnscrypt-proxy.toml on the command line give you?
No need to be rude, the command did nothing.
There's a package called "s6-dns" would there be any useful commands in there for configuring dnscrypt?
That's completely different, unrelated software.
resolve.conf must be configured (https://wiki.archlinux.org/title/Dnscrypt-proxy#Modify_resolv.conf) inorder to work dnscrypt-proxy
Some programs overwrite this file . i.e NetworkManager Read this section and apply what is written there https://wiki.archlinux.org/title/NetworkManager#Unmanaged_/etc/resolv.conf
Then restart NetworkManager and dnscrypt service file and read logs
There was mistake by me , you need to look logs at /var/log/ directory
There's a folder called dnscrypt-proxy which contain 3 readable files but they're all empty
Even when I do this https://wiki.archlinux.org/title/NetworkManager#Unmanaged_/etc/resolv.conf the resolv.conf goes back to
nameserver ::1
nameserver 127.0.0.1
When I add options edns0, it doesn't save.
At this point you're just better off making the file immutable so you can see if dnscrypt-proxy works at all, execute
chattr +i /etc/resolv.confAs in what? what output did it give?
It gave no output.
The same goes for chattr +i /etc/resolv.conf. I tried running it as sudo too with no result.
On my system
when I run : sudo dnscrypt-proxy -config /etc/dnscrypt-proxy/dnscrypt-proxy.toml
output
[2022-10-26 21:19:33] [NOTICE] dnscrypt-proxy 2.1.2
[2022-10-26 21:19:33] [NOTICE] Network connectivity detected
[2022-10-26 21:19:33] [NOTICE] Now listening to 127.0.0.1:53 [UDP]
[2022-10-26 21:19:33] [NOTICE] Now listening to 127.0.0.1:53 [TCP]
[2022-10-26 21:19:33] [NOTICE] Now listening to [::1]:53 [UDP]
[2022-10-26 21:19:33] [NOTICE] Now listening to [::1]:53 [TCP]
[2022-10-26 21:19:35] [WARNING] /var/cache/dnscrypt-proxy/public-resolvers.md: open /var/cache/dnscrypt-proxy/sf-ks4l7qiijhbbmspo.tmp: no such file or directory
[2022-10-26 21:19:35] [NOTICE] Source [public-resolvers] loaded
[2022-10-26 21:19:35] [NOTICE] Firefox workaround initialized
[2022-10-26 21:19:41] [NOTICE] [scaleway-fr] TIMEOUT
[2022-10-26 21:19:46] [NOTICE] [resolver4.dns.openinternet.io] TIMEOUT
[2022-10-26 21:19:52] [NOTICE] [quad9-dnscrypt-ip4-nofilter-pri] TIMEOUT
[2022-10-26 21:19:54] [NOTICE] [doh.ffmuc.net] OK (DoH) - rtt: 610ms
[2022-10-26 21:19:56] [NOTICE] [uncensoreddns-ipv4] OK (DoH) - rtt: 409ms
[2022-10-26 21:19:59] [NOTICE] [nextdns-ultralow] OK (DoH) - rtt: 283ms
[2022-10-26 21:20:05] [NOTICE] [dnscrypt.ca-2] TIMEOUT
[2022-10-26 21:20:06] [NOTICE] [sby-doh-limotelu] OK (DoH) - rtt: 407ms
[2022-10-26 21:20:12] [NOTICE] [saldns01-conoha-ipv4] TIMEOUT
[2022-10-26 21:20:14] [NOTICE] [ams-doh-nl] OK (DoH) - rtt: 307ms
[2022-10-26 21:20:20] [NOTICE] [saldns03-conoha-ipv4] TIMEOUT
[2022-10-26 21:20:22] [NOTICE] [jp.tiar.app-doh] OK (DoH) - rtt: 270ms
[2022-10-26 21:20:23] [NOTICE] [dns.ryan-palmer] OK (DoH) - rtt: 204ms
[2022-10-26 21:20:23] [NOTICE] [quad9-doh-ip4-port443-nofilter-pri] OK (DoH) - rtt: 201ms
[2022-10-26 21:20:29] [NOTICE] [dnscrypt.be] TIMEOUT
[2022-10-26 21:20:34] [NOTICE] [altername] TIMEOUT
[2022-10-26 21:20:35] [NOTICE] [quad9-doh-ip4-port5053-nofilter-pri] OK (DoH) - rtt: 162ms
[2022-10-26 21:20:37] [NOTICE] [dnscrypt.ca-2-doh] OK (DoH) - rtt: 309ms
[2022-10-26 21:20:43] [NOTICE] [plan9dns-fl] TIMEOUT
[2022-10-26 21:20:43] [NOTICE] [bortzmeyer] OK (DoH) - rtt: 208ms
cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.1.1
I think I might've found the reason why my resolv.conf changes, I had connman still installed after I installed NetworkManager. Issue now is that I can't connect to the internet since I've removed connman.
The command you posted above still doesn't show anything for me for some reason.
>The same goes for chattr +i /etc/resolv.conf. I tried running it as sudo too with no result.
That's natural, you can verify that the immutable flag has been set using lsattr(1)
I changed it back to -i earlier so I could edit resolv.conf again to see if something I did worked. Now i'm stuck with "fatal: networkmanager is not a recognized identifier in run/s6-db/state" when I try to run networkmanager instead of connman. Btw yes I have the networkmanager s6 script.
there is no need to remove connman pkg , connman and networkmanager should not running at same time
Connman was altering my resolv.conf which is the reason why I removed it.
Anyone got any ideas how to run networkmanager through s6 without the "fatal: networkmanager is not a recognized identifier in run/s6-db/state" message?
update s6 db
That's what I did right after I installed the s6 script for it earlier, I also made it a default service.
Figured out the internet issue I had to rename the service from networkmanager to NetworkManager
Conman was the issue. I've fixed my DNS leak and my connectivity issue. Thanks for helping me everyone for the past couple of days.