IVPN needs dnat-to-ns at boot

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2024-05-16 23:35:12 -07:00
parent 6dd8134451
commit cd4836a1d7
No known key found for this signature in database
GPG Key ID: 555C902A34EC968F
2 changed files with 11 additions and 1 deletions

View File

@ -0,0 +1,9 @@
[Unit]
Description=Run /usr/lib/qubes/qubes-setup-dnat-to-ns
[Service]
Type=oneshot
ExecStart=/usr/lib/qubes/qubes-setup-dnat-to-ns
[Install]
WantedBy=multi-user.target

View File

@ -24,9 +24,10 @@ sudo dnf install -y ivpn-ui
sudo mkdir -p /etc/qubes-bind-dirs.d
echo 'binds+=( '\'''/etc/opt/ivpn/mutable''\'' )' | sudo tee /etc/qubes-bind-dirs.d/50_user.conf
unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/systemd/system/dnat-to-ns.service | sudo tee /etc/systemd/system/dnat-to-ns.service
unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/systemd/system/dnat-to-ns-boot.service | sudo tee /etc/systemd/system/dnat-to-ns.service
unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/systemd/system/dnat-to-ns.path | sudo tee /etc/systemd/system/dnat-to-ns.path
sudo systemctl enable dnat-to-ns.service
sudo systemctl enable dnat-to-ns.path
# Follow these instructions on how to set up the ProxyVM: https://privsec.dev/posts/qubes/using-ivpn-on-qubes-os/#creating-the-proxyvm