Messages

1

Tutorials and FAQs / Re: Multiple dnscrypt-proxy Opnsense 16.7 / 17.1 / 17.7 :-)

« on: August 22, 2017, 04:25:44 pm »

Hi,
With a fresh 17.7 install /etc/rc.conf will be ignored at bootup, so it will not start automatically, I have to service dnscrypt-proxy start.
What kind of sorcery do you use for this to work? 

______________________
Before I seen this thread I made a rc.d script using the openvpn way to start multiple instances,
it uses symbolic links, cd /usr/local/etc/rc.d/; ln -s dnscrypt-proxy dnscrypt-proxy_foo

Code: [Select]

#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: dnscrypt_proxy
# REQUIRE: SERVERS cleanvar ldconfig
# BEFORE: named local_unbound unbound
# KEYWORD: shutdown
#
# This script supports running multiple instances of dnscrypt-proxy.
# To run additional instances link this script to something like
# % ln -s dnscrypt-proxy dnscrypt-proxy_foo
# and define additional dnscrypt_proxy_foo_* variables in one of
# /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/dnscrypt-proxy_foo
#
# The name of the addition instance should contain only letters (a to z or A to Z),
# numbers (0 to 9) or the underscore character (_).
#
# Below NAME should be substituted with the name of this script. By default
# it is dnscrypt_proxy, so read as dnscrypt_proxy_enable. If you linked the script to
# dnscrypt-proxy_foo, then read as dnscrypt_proxy_foo_enable etc.
#
# The following variables are supported (defaults are shown).
# You can place them in any of
# /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/NAME
#
# NAME_enable="NO" # set to YES to enable dnscrypt-proxy instance
#
# # optional:
# NAME_flags= # additional command line arguments
# NAME_configfile="/usr/local/etc/dnscrypt-proxy/NAME.conf" # Will override all other
#                                               settings and only use the config file.
# NAME_uid (str): Set to "_dnscrypt-proxy" by default.
#                              User to switch to after starting.
# NAME_resolver (str):Set to "cisco" by default.
#                              Choose a different upstream resolver.
# NAME_pidfile (str): default: "/var/run/NAME.pid"
#                              Location of pid file.
# NAME_logfile (str): default: "/var/log/NAME.log"
#                              Location of log file.
#
# To redirect a local resolver through dnscrypt-proxy, point it at 127.0.0.x
# and add the following to rc.conf:
# ifconfig_lo0_alias0="inet 127.0.0.x netmask 0xffffffff"
# NAME_flags='-a 127.0.0.x'

. /etc/rc.subr

# service(8) does not create an authentic environment, try to guess,
# and as of 10.3-RELEASE-p0, it will not find the indented name=
# assignments below. So give it a default.
# Trailing semicolon also for service(8)'s benefit:
name="$file" ;

case "$0" in
/etc/rc*)
# during boot (shutdown) $0 is /etc/rc (/etc/rc.shutdown),
# so get the name of the script from $_file
name="$_file"
;;
*/service)
# do not use this as $0
;;
*)
name="$0"
;;
esac

# default name to "dnscrypt_proxy" if guessing failed
# Trailing semicolon also for service(8)'s benefit:
name="dnscrypt_proxy${name##*dnscrypt-proxy}" ;
rcvar=${name}_enable

stop_postcmd()
{
rm -f "$pidfile" || warn "Could not remove $pidfile."
}

# command and arguments
command="/usr/local/sbin/dnscrypt-proxy"

# run this last
stop_postcmd="stop_postcmd"

load_rc_config ${name}

eval ": \${${name}_enable:=\"NO\"}"
eval ": \${${name}_configfile:=\"/usr/local/etc/dnscrypt-proxy/${name}.conf\"}"
eval ": \${${name}_uid:=\"_dnscrypt-proxy\"}" # User to run daemon as
eval ": \${${name}_resolver:=\"cisco\"}" # resolver to use
eval ": \${${name}_pidfile:=\"/var/run/${name}.pid\"}" # Path to pid file
eval ": \${${name}_logfile:=\"/var/log/${name}.log\"}" # Path to log file

configfile="$(eval echo \${${name}_configfile})"
uid="$(eval echo \${${name}_uid})"
resolver="$(eval echo \${${name}_resolver})"
pidfile="$(eval echo \${${name}_pidfile})"
logfile="$(eval echo \${${name}_logfile})"

if [ -f "$configfile" ]; then
command_args="$configfile"
else
command_args="-d -p $pidfile -l $logfile -u $uid -R $resolver"
fi

run_rc_command "$1"