lokinet/contrib/systemd-resolved
Jason Rhinelander 4ef25ef679 Add systemd-resolved dynamic DNS updating
Wires up systemd support to configure DNS on startup and when
enabling/disabling exit mode.

On startup (and when turning off an exit) we tell systemd-resolved to
direct .loki and .snode lookups to lokinet (leaving other DNS traffic
alone).

On exit enabling, we reconfigure it to resolve "." (i.e. the root DNS
domain) so that all lookups come into it.
2021-04-28 16:48:10 -03:00
lokinet.pkla Add systemd-resolved dynamic DNS updating 2021-04-28 16:48:10 -03:00
lokinet.rules Add systemd-resolved dynamic DNS updating 2021-04-28 16:48:10 -03:00
README.md Add systemd-resolved dynamic DNS updating 2021-04-28 16:48:10 -03:00

Lokinet now talks to systemd directly via sdbus to set up DNS, but for this to work the user running lokinet (assumed to be _lokinet in these example files) needs permission to set DNS servers and domains.

To set up the permissions:

  • If lokinet is running as some user other than _lokinet, then change the _lokinet username inside lokinet.rules and lokinet.pkla.

  • If on a Debian or Debian-derived distribution (such as Ubuntu) using polkit 105, copy lokinet.pkla to /var/lib/polkit-1/localauthority/10-vendor.d/lokinet.pkla (for a distro install) or /etc/polkit-1/localauthority.conf.d/ (for a local install).

  • Copy lokinet.rules to /usr/share/polkit-1/rules.d/ (distro install) or /etc/polkit-1/rules.d (local install).
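
A least-privilege polkit rule of the kind the steps above install, written here as an added example (it is not the repository's lokinet.rules). The two action IDs are the ones systemd-resolved registers with polkit for setting DNS servers and domains; the mock polkit object and the evaluate() helper are hypothetical stand-ins so the rule can be exercised under Node.

```javascript
// Added example, not the repository's lokinet.rules.
// Stand-in for the global that polkitd provides to rules files (hypothetical
// harness so the rule can be exercised under Node).
var polkit = {
  Result: { YES: "yes", NO: "no" },
  rules: [],
  addRule: function (fn) { this.rules.push(fn); }
};

// ---- rule body: kept to ES5 so it does not depend on polkitd's JS engine ----
var LOKINET_USER = "_lokinet"; // account name assumed by the README
var LOKINET_ACTIONS = [
  "org.freedesktop.resolve1.set-dns-servers",
  "org.freedesktop.resolve1.set-domains"
];

polkit.addRule(function (action, subject) {
  if (subject.user === LOKINET_USER &&
      LOKINET_ACTIONS.indexOf(action.id) !== -1) {
    return polkit.Result.YES;
  }
  // No return value: no decision, so other rules and the action's
  // defaults still apply to every other user and action.
});
// ---- end of rule body ----

// Mimics polkitd's evaluation order: the first rule that returns a value wins.
function evaluate(actionId, user) {
  for (var i = 0; i < polkit.rules.length; i++) {
    var result = polkit.rules[i]({ id: actionId }, { user: user });
    if (result !== undefined && result !== null) return result;
  }
  return null; // no rule matched
}

// Constructed requests: [action id, requesting user].
var samples = [
  ["org.freedesktop.resolve1.set-dns-servers", "_lokinet"],
  ["org.freedesktop.resolve1.set-domains", "_lokinet"],
  ["org.freedesktop.resolve1.set-dnssec", "_lokinet"],
  ["org.freedesktop.resolve1.set-dns-servers", "alice"]
];
samples.forEach(function (s) {
  console.log(s[1] + " -> " + s[0] + ": " + evaluate(s[0], s[1]));
});
```

Only the section between the two markers belongs in a rules file; everything else is the harness. The rule grants nothing beyond the two DNS actions, so the lokinet user still cannot change other resolved settings such as DNSSEC.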

Make use of it by switching to systemd-resolved:

sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
sudo systemctl enable --now systemd-resolved