cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
openbsd-ports/net/dnscrypt-proxy/pkg
History
ajacoutot f50fdd748e Stop using the daemon class in @newuser. 
If we need to make an exception we can do it and properly document the
reason but by default we should just use the default login class.
rc.d uses daemon or the login class provided in login.conf.d so this has
no impact there.

discussed with sthen@, tb@ and robert@

praying that my grep/sed skills did not break anything and still
believing in portbump :-)
2022-11-08 11:14:43 +00:00
..
DESCR
dnscrypt_proxy.rc drop RCS Ids 2022-03-11 19:45:43 +00:00
PLIST Stop using the daemon class in @newuser. 2022-11-08 11:14:43 +00:00
README drop RCS Ids 2022-03-11 19:45:43 +00:00

README 

+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-----------------------------------------------------------------------

dnscrypt-proxy listens for DNS queries on a local address and forwards
them to a DNSCrypt resolver over an encrypted channel.

To use this package, several things are required.

Customizing dnscrypt-proxy.toml
===============================

Ensure that ${SYSCONFDIR}/dnscrypt-proxy.toml fits your needs.

Resolvers
---------
Uncomment 'server_names' to have a smaller set of public resolvers to be used
for load balancing. If this line is commented, all registered servers matching
the require_* filters will be used for load balancing. Refer to
${LOCALSTATEDIR}/dnscrypt-proxy/public-resolvers.md for a list of all public
resolvers.

Load balancing strategy
-----------------------
Note the load balancing strategy, controlled by 'lb_strategy'. It can be
set to one of the following values:
  - 'first' (always pick the fastest server in the list)
  - 'p2' (randomly choose between the top two fastest servers)
  - 'ph' (randomly choose between the top fastest half of all servers)
  - 'random' (just pick any random server from the list)

'p2' is the default option. For more information, see
https://github.com/jedisct1/dnscrypt-proxy/wiki/Load-Balancing-Options

Logging
-------
Logging is disabled by default.

To log to ${LOCALSTATEDIR}/log/messages:
log_level = 2
use_syslog = true

To log to a custom file:
log_level = 2
log_file = '${LOCALSTATEDIR}/log/dnscrypt-proxy.log'

Daemon
======

Start the daemon:

# rcctl enable dnscrypt_proxy
# rcctl start dnscrypt_proxy

resolv.conf
===========

Set ${SYSCONFDIR}/resolv.conf to perform queries from dnscrypt-proxy:

nameserver 127.0.0.1
lookup file bind

Note: If your IP address is dynamically fetched, dhclient(8) will normally
update resolv.conf with network-provided DNS servers. This can be avoided by
using "ignore domain-name, domain-name-servers;" in ${SYSCONFDIR}/dhclient.conf.

For more information, see https://dnscrypt.info/