One line to rule them all – Opennic DNSCrypt setup.

IF its your first time DNSCrypt attempt install dnscrypt and bind tools packages:

pacman -S dnscrypt-proxy bind-tools

and run this:

echo 'nameserver 127.0.0.1' > /etc/resolv.conf.head && cat /etc/resolv.conf.head && echo '[Unit]' > /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'Description=DNSCrypt client proxy' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'Requires=dnscrypt-proxy.socket' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '[Install]' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'Also=dnscrypt-proxy.socket' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'WantedBy=multi-user.target' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '[Service]' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'Type=simple' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'NonBlocking=true' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'ExecStart=/usr/bin/dnscrypt-proxy ' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '--provider-name=2.dnscrypt-cert.resolver2.dnscrypt.eu ' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '--resolver-address=77.66.84.233:443 ' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '--provider-key=3748:5585:E3B9:D088:FD25:AD36:B037:01F5:520C:D648:9E9A:DD52:1457:4955:9F0A:9955 ' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '--user=nobody' >> /usr/lib/systemd/system/dnscrypt-proxy.service && cat /usr/lib/systemd/system/dnscrypt-proxy.service && cp /usr/lib/systemd/system/dnscrypt-proxy.service /etc/systemd/system/ && cat /etc/systemd/system/dnscrypt-proxy.service && systemctl daemon-reload && systemctl restart dnscrypt-proxy && systemctl status -l dnscrypt-proxy && nslookup -type=txt 2.dnscrypt-cert.resolver2.dnscrypt.eu && dig 2.dnscrypt-cert.resolver2.dnscrypt.eu txt

IF you’re redoing your current config and you want to do it quickly – run this:

echo 'nameserver 127.0.0.1' > /etc/resolv.conf.head && cat /etc/resolv.conf.head && systemctl stop dnscrypt-proxy && systemctl stop dnscrypt-proxy.socket && systemctl disable dnscrypt-proxy && systemctl disable dnscrypt-proxy.socket && echo '[Unit]' > /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'Description=DNSCrypt client proxy' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'Requires=dnscrypt-proxy.socket' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '[Install]' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'Also=dnscrypt-proxy.socket' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'WantedBy=multi-user.target' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '[Service]' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'Type=simple' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'NonBlocking=true' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo 'ExecStart=/usr/bin/dnscrypt-proxy ' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '--provider-name=2.dnscrypt-cert.resolver2.dnscrypt.eu ' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '--resolver-address=77.66.84.233:443 ' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '--provider-key=3748:5585:E3B9:D088:FD25:AD36:B037:01F5:520C:D648:9E9A:DD52:1457:4955:9F0A:9955 ' >> /usr/lib/systemd/system/dnscrypt-proxy.service && echo '--user=nobody' >> /usr/lib/systemd/system/dnscrypt-proxy.service && cat /usr/lib/systemd/system/dnscrypt-proxy.service && cp /usr/lib/systemd/system/dnscrypt-proxy.service /etc/systemd/system/ && cat /etc/systemd/system/dnscrypt-proxy.service && systemctl daemon-reload && systemctl restart dnscrypt-proxy && systemctl status -l dnscrypt-proxy && nslookup -type=txt 2.dnscrypt-cert.resolver2.dnscrypt.eu && dig 2.dnscrypt-cert.resolver2.dnscrypt.eu txt

This will push 127.0.0.1 to the top of your /etc/resolv.conf file and will keep your current DNS servers as a falback in case the DNSCrypt server goes down which I am sad to say happens once in a while. It will also configure and copy the service files in the right places and will enable the right services.

Reboot and you should be good to go.

Cheers.

Andrzej

AndrzejL

"Never meet Your heroes. Most of the time you'll only end up disappointed." White Polak Male Husband Employee Hetero Carnivorous Fugly Geek @$$hole with ADD Catholic “Some men just want to watch the world burn.”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.