From 0c6bc733ae617ed5d2ad6bbfb703c4beef452253 Mon Sep 17 00:00:00 2001 From: Michael Date: Mon, 3 Dec 2018 21:49:56 +0100 Subject: [PATCH] dns/dnscrypt-proxy: change log directory, go stable (#1038) (cherry picked from commit d20af79c940d3f280f931f2470dd6b817566f08c) (cherry picked from commit a891fa3f5b85ea5c9de311f4f9f769645921823d) --- dns/dnscrypt-proxy/Makefile | 3 +-- .../controllers/OPNsense/Dnscryptproxy/forms/general.xml | 6 ++++++ .../mvc/app/models/OPNsense/Dnscryptproxy/General.xml | 4 ++++ .../src/opnsense/scripts/OPNsense/Dnscryptproxy/setup.sh | 2 ++ .../service/conf/actions.d/actions_dnscryptproxy.conf | 4 ++-- .../templates/OPNsense/Dnscryptproxy/dnscrypt-proxy.toml | 8 ++++---- .../templates/OPNsense/Dnscryptproxy/dnscrypt_proxy | 3 +++ 7 files changed, 22 insertions(+), 8 deletions(-) create mode 100755 dns/dnscrypt-proxy/src/opnsense/scripts/OPNsense/Dnscryptproxy/setup.sh diff --git a/dns/dnscrypt-proxy/Makefile b/dns/dnscrypt-proxy/Makefile index 02031d896..9d20a0808 100644 --- a/dns/dnscrypt-proxy/Makefile +++ b/dns/dnscrypt-proxy/Makefile @@ -1,8 +1,7 @@ PLUGIN_NAME= dnscrypt-proxy -PLUGIN_VERSION= 0.1 +PLUGIN_VERSION= 1.0 PLUGIN_COMMENT= Flexible DNS proxy supportung DNSCrypt and DoH PLUGIN_DEPENDS= dnscrypt-proxy2 PLUGIN_MAINTAINER= m.muenz@gmail.com -PLUGIN_DEVEL= yes .include "../../Mk/plugins.mk" diff --git a/dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/forms/general.xml b/dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/forms/general.xml index d784dbd0b..6ad1b353e 100644 --- a/dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/forms/general.xml +++ b/dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/forms/general.xml @@ -13,6 +13,12 @@ true Set the IP address and port combinations this service should listen on, e.g 127.0.0.1:5353 and/or [::1]:5353 + + general.allowprivileged + + checkbox + This will allow you to run the service on port 53. + general.max_clients diff --git a/dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/General.xml b/dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/General.xml index 10d7f6abd..f45478a3f 100644 --- a/dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/General.xml +++ b/dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/General.xml @@ -11,6 +11,10 @@ 127.0.0.1:5353,[::1]:5353 N + + 0 + Y + 250 Y diff --git a/dns/dnscrypt-proxy/src/opnsense/scripts/OPNsense/Dnscryptproxy/setup.sh b/dns/dnscrypt-proxy/src/opnsense/scripts/OPNsense/Dnscryptproxy/setup.sh new file mode 100755 index 000000000..b5f8cb395 --- /dev/null +++ b/dns/dnscrypt-proxy/src/opnsense/scripts/OPNsense/Dnscryptproxy/setup.sh @@ -0,0 +1,2 @@ +mkdir -p /var/log/dnscrypt-proxy/ +chown _dnscrypt-proxy:_dnscrypt-proxy /var/log/dnscrypt-proxy/ diff --git a/dns/dnscrypt-proxy/src/opnsense/service/conf/actions.d/actions_dnscryptproxy.conf b/dns/dnscrypt-proxy/src/opnsense/service/conf/actions.d/actions_dnscryptproxy.conf index cbd158b77..d5298dafd 100644 --- a/dns/dnscrypt-proxy/src/opnsense/service/conf/actions.d/actions_dnscryptproxy.conf +++ b/dns/dnscrypt-proxy/src/opnsense/service/conf/actions.d/actions_dnscryptproxy.conf @@ -1,5 +1,5 @@ [start] -command:/usr/local/etc/rc.d/dnscrypt-proxy start +command:/usr/local/opnsense/scripts/OPNsense/Dnscryptproxy/setup.sh;/usr/local/etc/rc.d/dnscrypt-proxy start parameters: type:script message:starting dnscrypt-proxy @@ -11,7 +11,7 @@ type:script message:stopping dnscrypt-proxy [restart] -command:/usr/local/etc/rc.d/dnscrypt-proxy restart +command:/usr/local/opnsense/scripts/OPNsense/Dnscryptproxy/setup.sh;/usr/local/etc/rc.d/dnscrypt-proxy restart parameters: type:script message:restarting dnscrypt-proxy diff --git a/dns/dnscrypt-proxy/src/opnsense/service/templates/OPNsense/Dnscryptproxy/dnscrypt-proxy.toml b/dns/dnscrypt-proxy/src/opnsense/service/templates/OPNsense/Dnscryptproxy/dnscrypt-proxy.toml index eee0fe17d..75864165a 100644 --- a/dns/dnscrypt-proxy/src/opnsense/service/templates/OPNsense/Dnscryptproxy/dnscrypt-proxy.toml +++ b/dns/dnscrypt-proxy/src/opnsense/service/templates/OPNsense/Dnscryptproxy/dnscrypt-proxy.toml @@ -64,7 +64,7 @@ timeout = {{ OPNsense.dnscryptproxy.general.timeout }} keepalive = {{ OPNsense.dnscryptproxy.general.keepalive }} log_level = 2 -log_file = 'dnscrypt-proxy.log' +log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log' use_syslog = false cert_refresh_delay = {{ OPNsense.dnscryptproxy.general.cert_refresh_delay }} @@ -115,16 +115,16 @@ cache = false {% endif %} [query_log] - file = 'query.log' + file = '/var/log/dnscrypt-proxy/query.log' format = 'tsv' [nx_log] - file = 'nx.log' + file = '/var/log/dnscrypt-proxy/nx.log' format = 'tsv' [whitelist] whitelist_file = 'whitelist.txt' - log_file = 'whitelisted.log' + log_file = '/var/log/dnscrypt-proxy/whitelisted.log' log_format = 'tsv' [sources] diff --git a/dns/dnscrypt-proxy/src/opnsense/service/templates/OPNsense/Dnscryptproxy/dnscrypt_proxy b/dns/dnscrypt-proxy/src/opnsense/service/templates/OPNsense/Dnscryptproxy/dnscrypt_proxy index d0f6db463..8b8088749 100644 --- a/dns/dnscrypt-proxy/src/opnsense/service/templates/OPNsense/Dnscryptproxy/dnscrypt_proxy +++ b/dns/dnscrypt-proxy/src/opnsense/service/templates/OPNsense/Dnscryptproxy/dnscrypt_proxy @@ -1,5 +1,8 @@ {% if helpers.exists('OPNsense.dnscryptproxy.general.enabled') and OPNsense.dnscryptproxy.general.enabled == '1' %} dnscrypt_proxy_enable="YES" +{% if helpers.exists('OPNsense.dnscryptproxy.general.allowprivileged') and OPNsense.dnscryptproxy.general.allowprivileged == '1' %} +dnscrypt_proxy_suexec="YES" +{% endif %} {% else %} dnscrypt_proxy_enable="NO" {% endif %}