Gist vbatts/d2cdff264b495c4e823946e12deae3d1, last active October 30, 2019 19:39
Using CoreDNS to route a split tunnel (like having WireGuard connected to a home network)
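```sh
#!/bin/sh
# Build CoreDNS with the external unbound plugin, install it, and enable the units.
set -e

git clone https://github.com/coredns/coredns
cd coredns
# register the unbound plugin before generating the plugin list
echo "unbound:github.com/coredns/unbound" >> plugin.cfg
# libunbound headers, needed to compile the plugin
sudo yum install -y unbound-devel
go generate
make
sudo install -T -m 0755 ./coredns /usr/local/sbin/coredns
# the unit files below must already be installed where systemd can find them
sudo systemctl enable --now coredns-watcher.path coredns.service
```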
```ini
# coredns-watcher.path
[Path]
# for when NetworkManager clobbers this file with the resolvers of whatever new network we're on
PathModified=/etc/resolv.conf

[Install]
WantedBy=multi-user.target
```
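```ini
# coredns-watcher.service (the unit that coredns-watcher.path activates by default)
[Unit]
Description=copy the resolver file that NetworkManager landed
Before=coredns.service
After=network-online.target

[Service]
Type=oneshot
# keep a copy of the network-supplied resolvers, unless the file is already our localhost one
ExecStartPre=/bin/bash -c '/bin/cmp /etc/resolv.conf.localhost /etc/resolv.conf || /bin/cp /etc/resolv.conf /etc/resolv.conf.sys'
# then point the system resolver at the local CoreDNS
ExecStart=/bin/cp /etc/resolv.conf.localhost /etc/resolv.conf
```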
```ini
# coredns.service
[Unit]
Description=local DNS resolver, using coredns
After=network-online.target

[Service]
ExecStart=/usr/local/sbin/coredns -conf /etc/Corefile

# needed for `systemctl enable` to start the unit at boot
[Install]
WantedBy=multi-user.target
```
```
# /etc/Corefile
batts.lan. {
    # I compiled in this unbound plugin, to get recursive lookups. On CentOS it needed the 'unbound-devel' package.
    unbound
    cache
    forward . 192.168.0.1
    errors
    log
}

. {
    unbound
    cache
    forward . /etc/resolv.conf.sys
    errors
    log
}
```
```
# /etc/resolv.conf.localhost
nameserver 127.0.0.1
```
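An added example, not part of the gist: the `ExecStartPre` guard in the watcher service skips the copy only when `/etc/resolv.conf` is byte-identical to `/etc/resolv.conf.localhost`, so a network-supplied file that lists a loopback resolver would still be saved as `/etc/resolv.conf.sys`, and the `.` zone would then forward to CoreDNS itself. The sketch below filters loopback entries before saving; the function names `upstreams` and `save_upstreams` are hypothetical, and it assumes the saved file is used only as an upstream list, so only `nameserver` lines are kept.

```shell
#!/bin/sh
# Added example (not from the gist). Function names are hypothetical.

# Print the nameserver lines of a resolv.conf that do not point at loopback.
upstreams() {
    awk '$1 == "nameserver" && $2 !~ /^127\./ && $2 != "::1" {
             print "nameserver " $2
         }' "$1"
}

# Save the usable upstreams of SRC to DST.
# Returns 1 and leaves the previous DST untouched when SRC lists only
# loopback resolvers, since forwarding to them would loop back into CoreDNS.
save_upstreams() {
    src=$1
    dst=$2
    tmp=$(mktemp "${dst}.XXXXXX") || return 2
    upstreams "$src" > "$tmp"
    if [ -s "$tmp" ]; then
        chmod 0644 "$tmp"
        mv "$tmp" "$dst"    # rename in place, readers never see a partial file
    else
        rm -f "$tmp"
        return 1
    fi
}

# Demo on constructed input in a scratch directory (no system files touched).
demo() {
    dir=$(mktemp -d) || return 2
    printf '%s\n' '# constructed sample' 'search example.lan' \
        'nameserver 10.0.0.1' 'nameserver 127.0.0.1' > "$dir/resolv.conf"
    save_upstreams "$dir/resolv.conf" "$dir/resolv.conf.sys"
    cat "$dir/resolv.conf.sys"
    rm -rf "$dir"
}

demo
```

In the watcher unit this would stand in for the `/bin/cp /etc/resolv.conf /etc/resolv.conf.sys` half of the `ExecStartPre` command, with the `cmp` guard kept as it is.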