Skip to content

Instantly share code, notes, and snippets.

@valyakuttan

valyakuttan/arch_network.md

Last active August 13, 2023 15:27
Show Gist options
  • Save valyakuttan/332f4e0feeb969180615043343374db4 to your computer and use it in GitHub Desktop.
Save valyakuttan/332f4e0feeb969180615043343374db4 to your computer and use it in GitHub Desktop.
Download ZIP
Arch Linux Network Setup With dnscrypt-proxy
Raw
arch_network.md

Arch Linux Network Setup With dnscrypt-proxy

Install and Configure iwd

  1. Install iwd and openresolv

         $ sudo pacman -S iwd openresolv

  2. Configure iwd by editing /etc/iwd/main.conf

         ## /etc/iwd/main.conf
     ## iwd configuration

     [General]
     # uncomment for setting the wifi interface name yourself
     # see https://iwd.wiki.kernel.org/interface_lifecycle
     # UseDefaultInterface=true

     # enable builtin DHCP-client within iwd for wifi
     EnableNetworkConfiguration=true

     # randomizes mac-address every time iwd starts or the hardware is initially detected
     AddressRandomization=network

     [Network]
     NameResolvingService=resolvconf

     [Scan]
     DisablePeriodicScan=true

  3. Enable iwd.service

         $ sudo systemctl enable --now iwd.service

Install and Configure NetworkManager

  1. Install networkmanager

         $ sudo pacman -S networkmanager

  2. Use iwd as the Wi-Fi backend by creating

         ## /etc/NetworkManager/conf.d/wifi_backend.conf 
     [device]
     wifi.backend=iwd

  3. Configure NetworkManager to use openresolvby

    creating /etc/NetworkManager/conf.d/rc-manager.conf

         ## /etc/NetworkManager/conf.d/rc-manager.conf
     [main]
     rc-manager=resolvconf

  4. Enable NetworkManager.service

         $ sudo systemctl enable --now NetworkManager.service

Install and Configure dnscrypt-proxy

  1. Install dnscrypt-proxy

         $ sudo pacman -S dnscrypt-proxy

  2. Modify listen_addresses option in /etc/dnscrypt-proxy/dnscrypt-proxy.toml as

         listen_addresses = ['127.0.0.1', '[::1]']

  3. Enable dnscrypt-proxy.service

         $ sudo systemctl enable --now dnscrypt-proxy.service

Update resolv.conf

  1. Modify /etc/resolvconf.conf as

         resolv_conf=/etc/resolv.conf
     name_servers="127.0.0.1 ::1"
     resolv_conf_options="edns0 single-request-reopen trust-ad"

  2. Generate /etc/resolv.conf

         $ sudo resolvconf -u
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment