DNS over TLS: Difference between revisions

@@ Line 32: / Line 32: @@
        [ {
          source = pkgs.writeText "upHook" ''
-           /run/current-system/sw/bin/nmcli connection modify uuid $CONNECTION_UUID \
+           # Only set dns for wlp and enp interface, not virbr, docker and so on
-          ipv4.dhcp-send-hostname "false" \
+          if [[ $DEVICE_IFACE == *"wlp"* || $DEVICE_IFACE == *"enp"* ]]; then
-          ipv4.ignore-auto-dns "true" \
+            /run/current-system/sw/bin/nmcli connection modify uuid $CONNECTION_UUID \
-          ipv4.dns "127.0.0.1" \
+            ipv4.dhcp-send-hostname "false" \
-          ipv6.dhcp-send-hostname "false" \
+            ipv4.ignore-auto-dns "true" \
-          ipv6.ignore-auto-dns "true" \
+            ipv4.dns "127.0.0.1" \
-          ipv6.dns "::1"
+            ipv6.dhcp-send-hostname "false" \
+            ipv6.ignore-auto-dns "true" \
+            ipv6.dns "::1" # Dnsmasq doesn't actually listen on IPv6, so ipv6 dns requests probably won't work
+          else
+            echo "Excluding $DEVICE_IFACE from privacy dispatcher script" >> /tmp/dispatcherScripts.log
+          fi
          '';
          type = "pre-up";