Use systemd path for dnat-to-ns

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2024-05-12 03:38:58 -07:00
parent c828eaea34
commit 3f4df9dc25
No known key found for this signature in database
GPG Key ID: 555C902A34EC968F
3 changed files with 23 additions and 3 deletions

View File

@ -0,0 +1,9 @@
[Unit]
Description=Run /usr/lib/qubes/qubes-setup-dnat-to-ns when /etc/resolv.conf changes
[Path]
PathChanged=/etc/resolv.conf
Unit=dns-to-ns.service
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,6 @@
[Unit]
Description=Run /usr/lib/qubes/qubes-setup-dnat-to-ns
[Service]
Type=oneshot
ExecStart=/usr/lib/qubes/qubes-setup-dnat-to-ns

View File

@ -14,12 +14,17 @@
# License for the specific language governing permissions and limitations under # License for the specific language governing permissions and limitations under
# the License. # the License.
unpriv(){
sudo -u nobody "$@"
}
sudo dnf config-manager --add-repo https://repository.mullvad.net/rpm/stable/mullvad.repo sudo dnf config-manager --add-repo https://repository.mullvad.net/rpm/stable/mullvad.repo
sudo dnf install -y mullvad-vpn sudo dnf install -y mullvad-vpn
sudo mkdir -p /etc/qubes-bind-dirs.d sudo mkdir -p /etc/qubes-bind-dirs.d
echo 'binds+=( '\'''/etc/mullvad-vpn''\'' )' | sudo tee /etc/qubes-bind-dirs.d/50_user.conf echo 'binds+=( '\'''/etc/mullvad-vpn''\'' )' | sudo tee /etc/qubes-bind-dirs.d/50_user.conf
# Run these in the AppVM: unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/systemd/system/dnat-to-ns.service | sudo tee /etc/systemd/system/dnat-to-ns.service
# echo "sleep 10 # Waiting a bit so that Mullvad can establish connection unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/systemd/system/dnat-to-ns.path | sudo tee /etc/systemd/system/dnat-to-ns.path
# /usr/lib/qubes/qubes-setup-dnat-to-ns" | sudo tee -a /rw/config/rc.local
sudo systemctl enable dnat-to-ns.path