9
dnscrypt-proxy2 routed through tor
(lemmy.world)
submitted
4 months ago* (last edited 4 months ago)
by
TeaTastic@lemmy.world
to
c/nix@programming.dev
I'm attempting to configure an anonymized DNS service using dnscrypt-proxy2, routed through the Tor network. I believe I have everything needed for it to work, but that does not seem to be the case. The DNS resolution is fine, but it's not being proxied through Tor as desired.
services.resolved.enable = false;
services.dnscrypt-proxy2 = {
enable = true;
settings = {
ipv6_servers = config.networking.enableIPv6;
block_ipv6 = !(config.networking.enableIPv6);
listen_addresses = ["127.0.0.1:53" "[::1]:53"];
force_tcp = true;
use_syslog = false;
odoh_servers = true;
require_dnssec = true;
require_nolog = false;
require_nofilter = true;
anonymized_dns = {
routes = [
{
server_name = "*";
via = ["anon-plan9-dns" "anon-v.dnscrypt.up-ipv4"];
}
];
skip_incompatible = true;
};
sources.public-resolvers = {
urls = [
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
];
cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
};
block_unqualified = true;
block_undelegated = true;
proxy = "socks5://127.0.0.1:9050";
};
};
systemd.services.dnscrypt-proxy2.serviceConfig = {
StateDirectory = "dnscrypt-proxy";
};
useDHCP = false;
enableIPv6 = true;
nameservers = [
"127.0.0.1"
"::1"
];
networkmanager.enable = true;
networkmanager.dns = "none";
services.tor = {
enable = true;
enableGeoIP = false;
torsocks.enable = true;
client = {
enable = true;
};
};
The simplified sequence diagram really helps to picture it. I'll PM you with the logs.