From 6dc7bcbcaf17bc56bb566f8b3b4fde12abc1d824 Mon Sep 17 00:00:00 2001 From: David Runge Date: Thu, 11 Jun 2020 11:45:32 +0200 Subject: [PATCH] Make configuration FHS compliant dnscrypt-proxy/example-dnscrypt-proxy.toml: Change the example configuration to be File Hierarchy System (FHS) compliant. --- dnscrypt-proxy/example-dnscrypt-proxy.toml | 42 +++++++++++----------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/dnscrypt-proxy/example-dnscrypt-proxy.toml b/dnscrypt-proxy/example-dnscrypt-proxy.toml index 12d9bdecd7..3c8852f048 100644 --- a/dnscrypt-proxy/example-dnscrypt-proxy.toml +++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml @@ -157,7 +157,7 @@ keepalive = 30 ## This file is different from other log files, and will not be ## automatically rotated by the application. -# log_file = 'dnscrypt-proxy.log' +log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log' ## When using a log file, only keep logs from the most recent launch. @@ -167,7 +167,7 @@ keepalive = 30 ## Use the system logger (syslog on Unix, Event Log on Windows) -# use_syslog = true +use_syslog = true ## Delay, in minutes, after which certificates are reloaded @@ -325,7 +325,7 @@ reject_ttl = 600 ## See the `example-forwarding-rules.txt` file for an example -# forwarding_rules = 'forwarding-rules.txt' +# forwarding_rules = '/etc/dnscrypt-proxy/forwarding-rules.txt' @@ -339,7 +339,7 @@ reject_ttl = 600 ## ## See the `example-cloaking-rules.txt` file for an example -# cloaking_rules = 'cloaking-rules.txt' +# cloaking_rules = '/etc/dnscrypt-proxy/cloaking-rules.txt' ## TTL used when serving entries in cloaking-rules.txt @@ -392,7 +392,7 @@ cache_neg_max_ttl = 600 ## check for connectivity and captive portals, along with hard-coded ## IP addresses to return. -# map_file = 'example-captive-portals.txt' +# map_file = '/etc/dnscrypt-proxy/captive-portals.txt' @@ -422,8 +422,8 @@ cache_neg_max_ttl = 600 ## Certificate file and key - Note that the certificate has to be trusted. ## See the documentation (wiki) for more information. -# cert_file = 'localhost.pem' -# cert_key_file = 'localhost.pem' +# cert_file = "/var/lib/dnscrypt-proxy/localhost.pem" +# cert_key_file = "/var/lib/dnscrypt-proxy/localhost.pem" @@ -438,7 +438,7 @@ cache_neg_max_ttl = 600 ## Path to the query log file (absolute, or relative to the same directory as the config file) ## Can be set to /dev/stdout in order to log to the standard output. - # file = 'query.log' + # file = '/var/log/dnscrypt-proxy/query.log' ## Query log format (currently supported: tsv and ltsv) @@ -464,7 +464,7 @@ cache_neg_max_ttl = 600 ## Path to the query log file (absolute, or relative to the same directory as the config file) - # file = 'nx.log' + # file = '/var/log/dnscrypt-proxy/nx.log' ## Query log format (currently supported: tsv and ltsv) @@ -494,12 +494,12 @@ cache_neg_max_ttl = 600 ## Path to the file of blocking rules (absolute, or relative to the same directory as the config file) - # blocked_names_file = 'blocked-names.txt' + # blocked_names_file = '/etc/dnscrypt-proxy/blocked-names.txt' ## Optional path to a file logging blocked queries - # log_file = 'blocked-names.log' + # log_file = '/var/log/dnscrypt-proxy/blocked-names.log' ## Optional log format: tsv or ltsv (default: tsv) @@ -522,12 +522,12 @@ cache_neg_max_ttl = 600 ## Path to the file of blocking rules (absolute, or relative to the same directory as the config file) - # blocked_ips_file = 'blocked-ips.txt' + # blocked_ips_file = '/etc/dnscrypt-proxy/blocked-ips.txt' ## Optional path to a file logging blocked queries - # log_file = 'blocked-ips.log' + # log_file = '/var/log/dnscrypt-proxy/blocked-ips.log' ## Optional log format: tsv or ltsv (default: tsv) @@ -550,12 +550,12 @@ cache_neg_max_ttl = 600 ## Path to the file of allow list rules (absolute, or relative to the same directory as the config file) - # allowed_names_file = 'allowed-names.txt' + # allowed_names_file = '/etc/dnscrypt-proxy/allowed-names.txt' ## Optional path to a file logging allowed queries - # log_file = 'allowed-names.log' + # log_file = '/var/log/dnscrypt-proxy/allowed-names.log' ## Optional log format: tsv or ltsv (default: tsv) @@ -578,12 +578,12 @@ cache_neg_max_ttl = 600 ## Path to the file of allowed ip rules (absolute, or relative to the same directory as the config file) - # allowed_ips_file = 'allowed-ips.txt' + # allowed_ips_file = '/etc/dnscrypt-proxy/allowed-ips.txt' ## Optional path to a file logging allowed queries - # log_file = 'allowed-ips.log' + # log_file = '/var/log/dnscrypt-proxy/allowed-ips.log' ## Optional log format: tsv or ltsv (default: tsv) @@ -654,7 +654,7 @@ cache_neg_max_ttl = 600 [sources.'public-resolvers'] urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/public-resolvers.md', 'https://download.dnscrypt.net/resolvers-list/v3/public-resolvers.md'] - cache_file = 'public-resolvers.md' + cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md' minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' refresh_delay = 72 prefix = '' @@ -663,7 +663,7 @@ cache_neg_max_ttl = 600 [sources.'relays'] urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/relays.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/relays.md', 'https://download.dnscrypt.net/resolvers-list/v3/relays.md'] - cache_file = 'relays.md' + cache_file = '/var/cache/dnscrypt-proxy/relays.md' minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' refresh_delay = 72 prefix = '' @@ -673,7 +673,7 @@ cache_neg_max_ttl = 600 # [sources.quad9-resolvers] # urls = ['https://www.quad9.net/quad9-resolvers.md'] # minisign_key = 'RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN' - # cache_file = 'quad9-resolvers.md' + # cache_file = '/var/cache/dnscrypt-proxy/quad9-resolvers.md' # prefix = 'quad9-' ## Another example source, with resolvers censoring some websites not appropriate for children @@ -681,7 +681,7 @@ cache_neg_max_ttl = 600 # [sources.'parental-control'] # urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/parental-control.md', 'https://download.dnscrypt.info/resolvers-list/v3/parental-control.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/parental-control.md', 'https://download.dnscrypt.net/resolvers-list/v3/parental-control.md'] - # cache_file = 'parental-control.md' + # cache_file = '/var/cache/dnscrypt-proxy/parental-control.md' # minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'