-
-
Notifications
You must be signed in to change notification settings - Fork 13.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DNSCrypt project is closed. #33540
Comments
Sigh, okay I'll be removing the service & related stuff shortly. |
It's feasible that we can recover some functionality via unbound (it supports dnscrypt, though I've never actually tried it) or dns-over-tls. I'll be looking into that after removal. |
DNS-over-TLS: @Mic92 has experience with this via Unbound; Knot-resolver will also be an option, after a release expected within a week or two, and I will be able to help with such setups. |
@vcunat sounds good :) |
just as a heads-up, as of right now, unbound does not validate the dns-tls sources ( https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=658 ). |
That's sad. dnscrypt-wrapper is not affected but without the proxy is pretty much useless. |
The upstream project ceased. See NixOS#33540
I've opened a PR to remove the module, I've left the wrapper & related packages alone for now. |
The upstream project ceased. See NixOS#33540
Dyne.org has taken over the project! |
Yesterday? Is that a co-incidence? |
Ugh, it’s a bit harsh to just remove the package before the project is even completely dead, @joachifm. |
The project was gone, until dyne.org took it over yesterday, as in the github project page was 404. |
He removed the repository and pointed the website to a competitor with no mention of what happened to dnscrypt: something doesn't look right. Anyway without the tarballs on website the package can't still be built. |
There’s a Git repo. |
@Profpatsch I added
Do you know the commit of the latest release? |
@rnhmjoj that's most likely due to apparmor. |
Yes, your right. I added a rule for libtool and it passes. Is it really needed though? |
Not at all, I'm guessing it simply tries to use it because it is available in the build environment. A better solution is to convince it to not pick it up to begin with. (the daemon used to rely on it for plugins). |
It must be some different configure flag that was set in the official release. |
So, the repo is back up https://github.com/jedisct1/dnscrypt-proxy; it's going to be rewritten from scratch from the looks of it ... |
I found the original release tarballs on launchpad.net. We could use these in the meanwhile. |
The NixOS module has now been restored thanks to @rnhmjoj. Still not sure what to think about all this but I do think the immediate issue has been fixed. |
My expectation would be a slow decline of DNSCrypt, as DNS-over-(D)TLS got properly standardized in IETF and will be improving its implementation and deployment... I think this ticket can be marked as "solved", for now. |
To finish my advertisement, on nixpkgs master you can do e.g.:
More possibilities in docs (e.g. certificate pinning). Feel free to reach out to me/us: gitter, ML, GitLab, ... |
Also, DNSCrypt moved to version 2, and on NixOS, we are still on 1.9.5. |
@concatime feel free to update it. |
Issue description
https://twitter.com/jedisct1/status/928942292202860544
nixpkgs/pkgs/tools/networking/dnscrypt-proxy/default.nix
Line 10 in 0653b73
Will not working anymore.
The text was updated successfully, but these errors were encountered: