Install As Service #39

Open
kathampy opened this issue Mar 16, 2019 · 13 comments
@kathampy

Can you add a command line option to install dnsproxy as a service similar to cloudflared?

sudo cloudflared service install
https://github.com/cloudflare/cloudflared/blob/master/cmd/cloudflared/linux_service.go

@ameshkov added the enhancement (New feature or request) label Mar 18, 2019
@ameshkov added this to the 0.12 milestone Mar 18, 2019
@ameshkov
Member

Well, that's possible, but I'd prefer to do it the same way we do it in AG Home:
https://github.com/AdguardTeam/AdGuardHome/blob/master/service.go

This way it'll be cross-platform and support Win/Linux/MacOS.

@kathampy
Author

The service support in cloudflared is also cross-platform. I just linked to the Linux code for simplicity. Look at the parent directory. It doesn't require external libraries and uses only Go's sys packages even for the Windows service.

@ameshkov modified the milestones: 0.12, 0.13 Mar 21, 2019
@ameshkov self-assigned this May 27, 2019
@ameshkov modified the milestones: 0.15, 1.0 Nov 8, 2019
@krombel
Contributor

krombel commented Jan 4, 2020

In the meantime you might use the following file for systemd (after creating a dedicated user dnsproxy and placing the build accordingly):

# /etc/systemd/system/dnsproxy.service
[Unit]
Description=dnsproxy
After=syslog.target
After=network.target

[Service]
Restart=always
RestartSec=2s
Type=simple
User=dnsproxy
Group=dnsproxy
WorkingDirectory=/var/lib/dnsproxy

ExecStart=/usr/local/bin/dnsproxy -z \
    -l 127.0.0.1 -p 53 \
    -u https://doh.ffmuc.net/dns-query -u tls://dot.ffmuc.net \
    -f 127.0.0.53:53

CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target
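
Added example (not part of krombel's comment and not a file shipped by the dnsproxy project): a systemd drop-in that layers sandboxing on the unit above, which already runs as the unprivileged dnsproxy user with only CAP_NET_BIND_SERVICE. The drop-in path, the address-family list, and the assumption that dnsproxy writes nothing outside /var/lib/dnsproxy are assumptions.

```ini
# /etc/systemd/system/dnsproxy.service.d/hardening.conf
# Added example: drop-in for the dnsproxy.service unit above (path is an assumption).
# Apply with: systemctl daemon-reload && systemctl restart dnsproxy

[Service]
# Keep the process and its children from gaining privileges (setuid, file caps).
NoNewPrivileges=true

# Read-only view of the filesystem; only the state directory is writable.
# StateDirectory= creates /var/lib/dnsproxy owned by User=dnsproxy.
ProtectSystem=strict
StateDirectory=dnsproxy
StateDirectoryMode=0750
ProtectHome=true
PrivateTmp=true
PrivateDevices=true

# Kernel and control-plane interfaces a DNS forwarder has no reason to touch.
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectKernelLogs=true
ProtectControlGroups=true
ProtectHostname=true
ProtectClock=true

# IP sockets only, plus AF_UNIX and AF_NETLINK, which are kept as an
# assumption (logging, interface lookups). AF_PACKET and others are refused.
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX AF_NETLINK
RestrictNamespaces=true
RestrictRealtime=true
RestrictSUIDSGID=true
LockPersonality=true
MemoryDenyWriteExecute=true

# Syscall allow-list for ordinary services; denied calls fail with EPERM.
SystemCallArchitectures=native
SystemCallFilter=@system-service
SystemCallErrorNumber=EPERM
```

`systemd-analyze security dnsproxy.service` reports the resulting exposure score. If the service fails to start with the drop-in, relax one directive at a time and check the journal.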

@Cwek

Cwek commented Nov 7, 2020

Is it also possible to add a command line option for writing the runtime PID to the PID file?

@EchedelleLR

EchedelleLR commented Mar 3, 2021

Which inits would be supported?

I would be interested in OpenRC support as well, but maybe if a SysVInit script is provided, it would work on any system using OpenRC (Gentoo, Devuan, Alpine which is used in containers a lot), Runit (Dragora GNU/Linux-Libre, Void Linux) or SystemD (Ubuntu, Debian and derivatives) and even legacy SysVInit.

@gspannu

gspannu commented Feb 22, 2022

Is there any temporary workaround to achieve the below for my ASUS Router (in the meantime)?

@ameshkov @joshcangit @krombel

Something similar to AdGuardHome...

I can configure AdGuardHome to run as a service on my ASUS Merlin Router (with Entware).

Example of AdGuard Home

  1. Contents of /opt/etc/init.d/
#!/bin/sh
ENABLED=yes
WORK_DIR=/opt/etc/AdGuardHome
PROCS=AdGuardHome
ARGS="-c $WORK_DIR/AdGuardHome.yaml -w $WORK_DIR --no-check-update -l syslog"
PREARGS="nohup"
PRECMD="killall -9 dnsmasq"
POSTCMD="service restart_dnsmasq"
DESC=$PROCS
PATH=/opt/sbin:/opt/bin:/opt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
export TZ=$(cat /etc/TZ)
. /opt/etc/init.d/rc.func
  2. And then all I need to do is make changes to my dnsmasq conf
port=553
local=/1.168.192.in-addr.arpa/

This makes AdGuardHome the DNS server running on port 53, with my existing dnsmasq still operating on my router (on custom port 553 and only for local queries).


Can I do something similar with dnsproxy?

Or some workaround/hack to utilise it the same way as AdGuardHome?

What I am looking to achieve is...

  • Run dnsproxy as a service and listen on port 53
  • dnsproxy will then forward the queries to different upstream AdGuardHome resolvers (configured in dnsproxy.yaml)
  • existing dnsmasq (of the Asus router) will continue to operate as normal; but listening on port 553 and responding only to local queries.

@gspannu

gspannu commented Feb 23, 2022

Not using dnsmasq but I'm using systemd-resolved. I set this in /etc/systemd/resolved.conf.
.......
But before that, I set nameserver 127.0.0.1 to /etc/resolvconf/resolv.conf.d/tail. I didn't even need to remove systemd-resolved or set a different port.

Thanks.

@joshcangit I presume you are running this on Debian/Ubuntu.

My bigger issue is getting dnsproxy to run as a service. How do I get dnsproxy to launch automatically using /opt/etc/init.d?
This is the crux of my issue.

@joshcangit

joshcangit commented Feb 23, 2022

Yes indeed, I'm using Ubuntu.
Sorry, I assumed this would work the same on your setup.
As far as I can tell, I'm only guessing as to how it would work.
I just read the README.md to use the command with arguments inside a systemd.service file.
So maybe the configuration could be this?

#!/bin/sh
ENABLED=yes
WORK_DIR=/opt/etc/AdguardTeam
PROCS=dnsproxy
ARGS="-l 127.0.0.1 -l ::1 -u quic://dns.futuredns.me -u quic://doh.tiar.app -f https://anycast.dns.nextdns.io/dns-query -f https://doh.dns.sb/dns-query -b 80.80.80.80:53 -b 80.80.81.81:53 --all-servers"
PREARGS="nohup"
DESC=$PROCS
PATH=/opt/sbin:/opt/bin:/opt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
export TZ=$(cat /etc/TZ)
. /opt/etc/init.d/rc.func

Forgive me, I didn't know about Entware.
I'll also guess you may not need to use different ports.
It can still be port 53, but maybe dnsmasq and dnsproxy clash on Entware?

@iJorgen

iJorgen commented Aug 5, 2022

quic://doh3.dns.nextdns.io

Old thread, but noticed you are using DoH3 to NextDNS in the config. Can DNSproxy already do DoH3 to upstream servers?!
Is it only acting as its own DoH3-server that's missing in DNSproxy?

@joshcangit

joshcangit commented Aug 13, 2022

Oh, I forgot about what I said in #234.
It works only if the QUIC port is 853.
I know NextDNS uses 8853, AdGuard uses 784 and Dandelion Sprout 48582 so those can't ever be used.
I wasn't aware of dnsproxy using the fallback DNS addresses.
I think quic://dns.futuredns.me and quic://doh.tiar.app should work.

@Tealk

Tealk commented May 18, 2024

I try to start it with:

[Unit]
Description=dnsproxy
After=syslog.target
After=network.target

[Service]
Restart=always
RestartSec=2s
Type=simple
User=root
Group=root
WorkingDirectory=/opt/dnsproxy
ExecStart=/opt/dnsproxy/dnsproxy --config-path=config.yaml

CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

but I get this error:

Mai 18 17:18:38 tealks-frame-work systemd[1]: dnsproxy.service: Main process exited, code=exited, status=203/EXEC
Mai 18 17:18:38 tealks-frame-work systemd[1]: dnsproxy.service: Failed with result 'exit-code'.
System:
  Kernel: 6.8.9-300.fc40.x86_64 arch: x86_64 bits: 64 compiler: gcc
    v: 2.41-34.fc40
  Desktop: GNOME v: 46.1 Distro: Fedora Linux 40.20240518.0 (Silverblue)

@Mikaela

Mikaela commented May 19, 2024

@Tealk your ExecStart has a spelling mistake, unless you have a binary named dnYproxy

@Tealk

Tealk commented May 19, 2024

@Mikaela thanks, I realised that yesterday but I must have forgotten to correct it here, that's not the problem anyway.
