cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-30 15:38:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

stubby: add uci support to init file

Browse Source 
This commit brings UCI support to the stubby package.

    o All options are documented in the README.md file.
    o The README.md file has been re-written to include a short usage
      manual.
    o The default configuration now includes more Cloudflare addresses.
    o The stubby service is (re)started using procd triggers from a
      specified interface with a configurable time delay.
    o Round robin use of upstream resolvers is now activated by
      default.
    o Client privacy is now activated by default.
    o Options are added for specifying the log level of the daemon and
      command line options passed to the stubby command.

Signed-off-by: Jonathan G. Underwood <jonathan.underwood@gmail.com>
This commit is contained in:
Jonathan G. Underwood
2018-09-30 14:59:57 +01:00
parent 46a35a82c3
commit 7b1f892504
5 changed files with 634 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/stubby/files/stubby.yml
+11 -41
View File
@@ -1,55 +1,25 @@
#NOTE: See '/etc/stubby/stubby.yml.default' for original config file and descriptions
# Note: by default on OpenWRT stubby configuration is handled via
# the UCI system and the file /etc/config/stubby. If you want to
# use this file to configure stubby, then set "option manual '1'"
# in /etc/config/stubby.
resolution_type: GETDNS_RESOLUTION_STUB
dns_transport_list:
- GETDNS_TRANSPORT_TLS
round_robin_upstreams: 1
appdata_dir: "/var/lib/stubby"
tls_authentication: GETDNS_AUTHENTICATION_REQUIRED
tls_query_padding_blocksize: 128
edns_client_subnet_private : 1
round_robin_upstreams: 0
edns_client_subnet_private: 1
idle_timeout: 10000
listen_addresses:
- 127.0.0.1@5453
- 0::1@5453
- 0::1@5453
dns_transport_list:
- GETDNS_TRANSPORT_TLS
upstream_recursive_servers:
# IPv6 addresses
# # Cloudflare IPv6
- address_data: 2606:4700:4700::1111
tls_auth_name: "cloudflare-dns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: yioEpqeR4WtDwE9YxNVnCEkTxIjx6EEIwFSQW+lJsbc=
- address_data: 2606:4700:4700::1001
- address_data: 2606:4700:4700::1111
tls_auth_name: "cloudflare-dns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: yioEpqeR4WtDwE9YxNVnCEkTxIjx6EEIwFSQW+lJsbc=
# # Quad 9 IPv6
# - address_data: 2620:fe::10
# tls_auth_name: "dns.quad9.net"
# IPv4 addresses
# # Cloudflare servers
- address_data: 1.1.1.1
tls_auth_name: "cloudflare-dns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: yioEpqeR4WtDwE9YxNVnCEkTxIjx6EEIwFSQW+lJsbc=
- address_data: 1.0.0.1
tls_auth_name: "cloudflare-dns.com"
tls_pubkey_pinset:
- digest: "sha256"
value: yioEpqeR4WtDwE9YxNVnCEkTxIjx6EEIwFSQW+lJsbc=
# Quad 9 service
# - address_data: 9.9.9.10
# tls_auth_name: "dns.quad9.net"