File config.patch of Package dnscrypt-proxy
Index: dnscrypt-proxy/dnscrypt-proxy/example-dnscrypt-proxy.toml =================================================================== --- dnscrypt-proxy.orig/dnscrypt-proxy/example-dnscrypt-proxy.toml +++ dnscrypt-proxy/dnscrypt-proxy/example-dnscrypt-proxy.toml @@ -37,7 +37,7 @@ ## To listen to all IPv4 addresses, use `listen_addresses = ['0.0.0.0:53']` ## To listen to all IPv4+IPv6 addresses, use `listen_addresses = ['[::]:53']` -listen_addresses = ['127.0.0.1:53'] +listen_addresses = [] ## Maximum number of simultaneous client connections to accept @@ -228,7 +228,7 @@ keepalive = 30 ## This file is different from other log files, and will not be ## automatically rotated by the application. -# log_file = 'dnscrypt-proxy.log' +# log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log' ## When using a log file, only keep logs from the most recent launch. @@ -309,7 +309,7 @@ cert_refresh_delay = 240 ## all TLS traffic to/from DoH servers. ## Never ever enable except for debugging purposes with a tool such as mitmproxy. -# tls_key_log_file = '/tmp/keylog.txt' +# tls_key_log_file = '/var/log/dnscrypt-proxy/tls_key.log' ############################################################################### @@ -445,7 +445,7 @@ reject_ttl = 10 ## See the `example-forwarding-rules.txt` file for an example -# forwarding_rules = 'forwarding-rules.txt' +# forwarding_rules = '/etc/dnscrypt-proxy/forwarding-rules.txt' ############################################################################### @@ -460,7 +460,7 @@ reject_ttl = 10 ## ## See the `example-cloaking-rules.txt` file for an example -# cloaking_rules = 'cloaking-rules.txt' +# cloaking_rules = '/etc/dnscrypt-proxy/cloaking-rules.txt' ## TTL used when serving entries in cloaking-rules.txt @@ -512,7 +512,7 @@ cache_neg_max_ttl = 600 ## check for connectivity and captive portals, along with hard-coded ## IP addresses to return. -# map_file = 'example-captive-portals.txt' +# map_file = '/etc/dnscrypt-proxy/example-captive-portals.txt' ############################################################################### @@ -543,8 +543,8 @@ cache_neg_max_ttl = 600 ## openssl req -x509 -nodes -newkey rsa:2048 -days 5000 -sha256 -keyout localhost.pem -out localhost.pem ## See the documentation (wiki) for more information. -# cert_file = 'localhost.pem' -# cert_key_file = 'localhost.pem' +# cert_file = '/etc/dnscrypt-proxy/localhost.pem' +# cert_key_file = '/etc/dnscrypt-proxy/localhost.pem' ############################################################################### @@ -556,7 +556,7 @@ cache_neg_max_ttl = 600 ## Path to the query log file (absolute, or relative to the same directory as the config file) ## Can be set to /dev/stdout in order to log to the standard output. -# file = 'query.log' +# file = '/var/log/dnscrypt-proxy/query.log' ## Query log format (currently supported: tsv and ltsv) @@ -581,7 +581,7 @@ format = 'tsv' ## Path to the query log file (absolute, or relative to the same directory as the config file) -# file = 'nx.log' +# file = '/var/log/dnscrypt-proxy/nx.log' ## Query log format (currently supported: tsv and ltsv) @@ -610,12 +610,12 @@ format = 'tsv' ## Path to the file of blocking rules (absolute, or relative to the same directory as the config file) -# blocked_names_file = 'blocked-names.txt' +# blocked_names_file = '/etc/dnscrypt-proxy/blocked-names.txt' ## Optional path to a file logging blocked queries -# log_file = 'blocked-names.log' +# log_file = '/var/log/dnscrypt-proxy/blocked-names.log' ## Optional log format: tsv or ltsv (default: tsv) @@ -637,12 +637,12 @@ format = 'tsv' ## Path to the file of blocking rules (absolute, or relative to the same directory as the config file) -# blocked_ips_file = 'blocked-ips.txt' +# blocked_ips_file = '/etc/dnscrypt-proxy/blocked-ips.txt' ## Optional path to a file logging blocked queries -# log_file = 'blocked-ips.log' +# log_file = '/var/log/dnscrypt-proxy/blocked-ips.log' ## Optional log format: tsv or ltsv (default: tsv) @@ -664,12 +664,12 @@ format = 'tsv' ## Path to the file of allow list rules (absolute, or relative to the same directory as the config file) -# allowed_names_file = 'allowed-names.txt' +# allowed_names_file = '/etc/dnscrypt-proxy/allowed-names.txt' ## Optional path to a file logging allowed queries -# log_file = 'allowed-names.log' +# log_file = '/var/log/dnscrypt-proxy/allowed-names.log' ## Optional log format: tsv or ltsv (default: tsv) @@ -691,12 +691,12 @@ format = 'tsv' ## Path to the file of allowed ip rules (absolute, or relative to the same directory as the config file) -# allowed_ips_file = 'allowed-ips.txt' +# allowed_ips_file = '/etc/dnscrypt-proxy/allowed-ips.txt' ## Optional path to a file logging allowed queries -# log_file = 'allowed-ips.log' +# log_file = '/var/log/dnscrypt-proxy/allowed-ips.log' ## Optional log format: tsv or ltsv (default: tsv) @@ -768,7 +768,7 @@ urls = [ 'https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md', ] -cache_file = 'public-resolvers.md' +cache_file = '/var/lib/dnscrypt-proxy/public-resolvers.md' minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' refresh_delay = 73 prefix = '' @@ -780,7 +780,7 @@ urls = [ 'https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/relays.md', ] -cache_file = 'relays.md' +cache_file = '/var/lib/dnscrypt-proxy/relays.md' minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' refresh_delay = 73 prefix = '' @@ -789,13 +789,13 @@ prefix = '' # [sources.odoh-servers] # urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-servers.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-servers.md'] -# cache_file = 'odoh-servers.md' +# cache_file = '/var/lib/dnscrypt-proxy/odoh-servers.md' # minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' # refresh_delay = 73 # prefix = '' # [sources.odoh-relays] # urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-relays.md'] -# cache_file = 'odoh-relays.md' +# cache_file = '/var/lib/dnscrypt-proxy/odoh-relays.md' # minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' # refresh_delay = 73 # prefix = '' @@ -805,7 +805,7 @@ prefix = '' # [sources.quad9-resolvers] # urls = ['https://quad9.net/dnscrypt/quad9-resolvers.md'] # minisign_key = 'RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN' -# cache_file = 'quad9-resolvers.md' +# cache_file = '/var/lib/dnscrypt-proxy/quad9-resolvers.md' # prefix = 'quad9-' ### Another example source, with resolvers censoring some websites not appropriate for children @@ -813,7 +813,7 @@ prefix = '' # [sources.parental-control] # urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/parental-control.md', 'https://download.dnscrypt.info/resolvers-list/v3/parental-control.md'] -# cache_file = 'parental-control.md' +# cache_file = '/var/lib/dnscrypt-proxy/parental-control.md' # minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' ### dnscry.pt servers - See https://www.dnscry.pt @@ -821,7 +821,7 @@ prefix = '' # [sources.dnscry-pt-resolvers] # urls = ["https://www.dnscry.pt/resolvers.md"] # minisign_key = "RWQM31Nwkqh01x88SvrBL8djp1NH56Rb4mKLHz16K7qsXgEomnDv6ziQ" -# cache_file = "dnscry.pt-resolvers.md" +# cache_file = "/var/lib/dnscrypt-proxy/dnscry.pt-resolvers.md" # refresh_delay = 73 # prefix = "dnscry.pt-"
