public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

dnscrypt-proxy service: allow user to specify their own resolver list

Browse Source
This commit is contained in:
Joachim Fasting 2016-05-10 07:04:20 +02:00
parent bd448b7139
commit e38e3dcdb6
No known key found for this signature in database
GPG Key ID: 4330820E1E04DCF4
1 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
nixos/modules/services/networking/dnscrypt-proxy.nix
View File

@ -6,12 +6,6 @@ let
dnscrypt-proxy = pkgs.dnscrypt-proxy; dnscrypt-proxy = pkgs.dnscrypt-proxy;
cfg = config.services.dnscrypt-proxy; cfg = config.services.dnscrypt-proxy;
# last updated: 2016-05-04
resolverListFile = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/master/dnscrypt-resolvers.csv";
sha256 = "07kbbisrvrqdxif3061hxj3whin3llg4nh50ln7prisi2vbd76xd";
};
localAddress = "${cfg.localAddress}:${toString cfg.localPort}"; localAddress = "${cfg.localAddress}:${toString cfg.localPort}";
daemonArgs = daemonArgs =
@ -28,7 +22,7 @@ let
"--provider-key=${cfg.customResolver.key}" "--provider-key=${cfg.customResolver.key}"
] ]
else else
[ "--resolvers-list=${resolverListFile}" [ "--resolvers-list=${cfg.resolverList}"
"--resolver-name=${toString cfg.resolverName}" "--resolver-name=${toString cfg.resolverName}"
]; ];
in in
@ -82,12 +76,24 @@ in
default = "dnscrypt.eu-nl"; default = "dnscrypt.eu-nl";
type = types.nullOr types.string; type = types.nullOr types.string;
description = '' description = ''
The name of the upstream DNSCrypt resolver to use. See The name of the upstream DNSCrypt resolver to use, taken from the
<filename>${resolverListFile}</filename> for alternative resolvers. list named in the <literal>resolverList</literal> option.
The default resolver is located in Holland, supports DNS security The default resolver is located in Holland, supports DNS security
extensions, and claims to not keep logs. extensions, and claims to not keep logs.
''; '';
}; };
resolverList = mkOption {
description = ''
The list of upstream DNSCrypt resolvers. By default, we use the most
recent list published by upstream.
'';
example = literalExample "${pkgs.dnscrypt-proxy}/share/dnscrypt-proxy/dnscrypt-resolvers.csv";
default = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/master/dnscrypt-resolvers.csv";
sha256 = "07kbbisrvrqdxif3061hxj3whin3llg4nh50ln7prisi2vbd76xd";
};
defaultText = "pkgs.fetchurl { url = ...; sha256 = ...; }";
};
customResolver = mkOption { customResolver = mkOption {
default = null; default = null;
description = '' description = ''
@ -174,7 +180,7 @@ in
${pkgs.lz4}/lib/liblz4.so.* mr, ${pkgs.lz4}/lib/liblz4.so.* mr,
${pkgs.attr.out}/lib/libattr.so.* mr, ${pkgs.attr.out}/lib/libattr.so.* mr,
${resolverListFile} r, ${cfg.resolverList} r,
} }
'')); ''));