From 8c8e80dfec64e8d96778d4b6c8c603db3b219c92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20K=C3=BCthe?= Date: Sun, 1 Jan 2023 19:29:38 +0100 Subject: [PATCH] remove old files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marek Küthe --- docs/dns/dns.md | 4 -- docs/dns/home.md | 124 --------------------------------------------- docs/dns/server.md | 124 --------------------------------------------- 3 files changed, 252 deletions(-) delete mode 100644 docs/dns/dns.md delete mode 100644 docs/dns/home.md delete mode 100644 docs/dns/server.md diff --git a/docs/dns/dns.md b/docs/dns/dns.md deleted file mode 100644 index e4a41ff..0000000 --- a/docs/dns/dns.md +++ /dev/null @@ -1,4 +0,0 @@ -CRXN DNS -======== - -**CRXN DNS** is coming soon. \ No newline at end of file diff --git a/docs/dns/home.md b/docs/dns/home.md deleted file mode 100644 index 18e7611..0000000 --- a/docs/dns/home.md +++ /dev/null @@ -1,124 +0,0 @@ -# Servers - -## Rekursiv - -| DNS | IP address | -| --- | --- | -| recur1.bandura.crxn | fd92:58b6:2b2::5353 | - -## Authoritiv - -# Resolve CRXN domains only - -Advantage: -- Very simple configuration - -Disadvantage: -- No more access to Clearnet domains -- Dependence on one server - -You can enter a recursive CRXN server as your DNS server in the operating system. - -The configuration of this differs depending on the operating system. For example, in Debian without NetworkManager, you can add the following to `/etc/resolv.conf`: -``` -nameserver fd92:58b6:2b2::5353 -``` - -# Run your own forwarder - -Advantage: -- Simple configuration - -Disadvantage: -- Dependence on one server - -With this method, you run a small DNS server of your own, which receives and forwards requests. This is suitable for one computer or very small networks. - -There are several software you can use for this. - -## Coredns - -This guide is for Debian based systems. -First you need to download Coredns. You can find the software at https://coredns.io/. As a download package you get a compressed file. Extract it and make the file `coredns` executable and copy it into the directory `/usr/local/bin`. -``` -$tar xvf coredns_1.10.0_linux_amd64.tgz -$chmod +x coredns -$sudo cp coredns /usr/local/bin/ -``` - -To start Coredns automatically you can create a Systemd unit: -``` -$ editor /etc/systemd/system/coredns.service -``` - -Paste the following: -``` -[Unit] -Description=CoreDNS DNS server -Documentation=https://coredns.io/ -After=network.target -After=alfis.service -After=meshnamed.service - -[Service] -PermissionsStartOnly=true -LimitNOFILE=1048576 -LimitNPROC=512 -CapabilityBoundingSet=CAP_NET_BIND_SERVICE -AmbientCapabilities=CAP_NET_BIND_SERVICE -NoNewPrivileges=true -User=coredns -ExecStart=/usr/local/bin/coredns -conf=/etc/coredns/Corefile -ExecReload=/bin/kill -SIGUSR1 $MAINPID -Restart=on-failure - -[Install] -WantedBy=multi-user.target -``` - -After that reload systemd: -``` -$sudo systemctl daemon-reload -``` - -To isolate Coredns, you create a new user: -``` -$sudo adduser --home /etc/coredns/ --disabled-password --disabled-login coredns -``` - -After that you can create and edit the Coredns configuration file `Corefile`: -``` -editor /etc/coredns/Corefile -``` - -Paste the following: -``` -crxn., d.f.ip6.arpa. { - loop - bind 127.0.0.1 ::1 - forward . fd92:58b6:2b2::5353 -} -``` -Replace `fd92:58b6:2b2::5353` with your preferred recursive server. -With `bind 127.0.0.1 ::1` you bind Coredns to your local machine only, so no one else can access it. If you want to create a network forwarder, you have to remove this line. If you want to restrict the forwarder access only to a specific network, you can use the [ACL Plugin](https://coredns.io/plugins/acl/). - -To resolve Clearnet domains, insert the following: -``` -. { - loop - bind 127.0.0.1 ::1 - forward . tls://1.1.1.1 tls://1.0.0.1 tls://2606:4700:4700::1111 tls://2606:4700:4700::1001 { - tls_servername 1dot1dot1dot1.cloudflare-dns.com - } -} - -``` - - - - - - - - - diff --git a/docs/dns/server.md b/docs/dns/server.md deleted file mode 100644 index 18e7611..0000000 --- a/docs/dns/server.md +++ /dev/null @@ -1,124 +0,0 @@ -# Servers - -## Rekursiv - -| DNS | IP address | -| --- | --- | -| recur1.bandura.crxn | fd92:58b6:2b2::5353 | - -## Authoritiv - -# Resolve CRXN domains only - -Advantage: -- Very simple configuration - -Disadvantage: -- No more access to Clearnet domains -- Dependence on one server - -You can enter a recursive CRXN server as your DNS server in the operating system. - -The configuration of this differs depending on the operating system. For example, in Debian without NetworkManager, you can add the following to `/etc/resolv.conf`: -``` -nameserver fd92:58b6:2b2::5353 -``` - -# Run your own forwarder - -Advantage: -- Simple configuration - -Disadvantage: -- Dependence on one server - -With this method, you run a small DNS server of your own, which receives and forwards requests. This is suitable for one computer or very small networks. - -There are several software you can use for this. - -## Coredns - -This guide is for Debian based systems. -First you need to download Coredns. You can find the software at https://coredns.io/. As a download package you get a compressed file. Extract it and make the file `coredns` executable and copy it into the directory `/usr/local/bin`. -``` -$tar xvf coredns_1.10.0_linux_amd64.tgz -$chmod +x coredns -$sudo cp coredns /usr/local/bin/ -``` - -To start Coredns automatically you can create a Systemd unit: -``` -$ editor /etc/systemd/system/coredns.service -``` - -Paste the following: -``` -[Unit] -Description=CoreDNS DNS server -Documentation=https://coredns.io/ -After=network.target -After=alfis.service -After=meshnamed.service - -[Service] -PermissionsStartOnly=true -LimitNOFILE=1048576 -LimitNPROC=512 -CapabilityBoundingSet=CAP_NET_BIND_SERVICE -AmbientCapabilities=CAP_NET_BIND_SERVICE -NoNewPrivileges=true -User=coredns -ExecStart=/usr/local/bin/coredns -conf=/etc/coredns/Corefile -ExecReload=/bin/kill -SIGUSR1 $MAINPID -Restart=on-failure - -[Install] -WantedBy=multi-user.target -``` - -After that reload systemd: -``` -$sudo systemctl daemon-reload -``` - -To isolate Coredns, you create a new user: -``` -$sudo adduser --home /etc/coredns/ --disabled-password --disabled-login coredns -``` - -After that you can create and edit the Coredns configuration file `Corefile`: -``` -editor /etc/coredns/Corefile -``` - -Paste the following: -``` -crxn., d.f.ip6.arpa. { - loop - bind 127.0.0.1 ::1 - forward . fd92:58b6:2b2::5353 -} -``` -Replace `fd92:58b6:2b2::5353` with your preferred recursive server. -With `bind 127.0.0.1 ::1` you bind Coredns to your local machine only, so no one else can access it. If you want to create a network forwarder, you have to remove this line. If you want to restrict the forwarder access only to a specific network, you can use the [ACL Plugin](https://coredns.io/plugins/acl/). - -To resolve Clearnet domains, insert the following: -``` -. { - loop - bind 127.0.0.1 ::1 - forward . tls://1.1.1.1 tls://1.0.0.1 tls://2606:4700:4700::1111 tls://2606:4700:4700::1001 { - tls_servername 1dot1dot1dot1.cloudflare-dns.com - } -} - -``` - - - - - - - - -