mirror of
https://github.com/tommytran732/Linux-Setup-Scripts
synced 2024-11-22 09:31:34 -05:00
Add notes on DNS handling
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
520bb847e6
commit
3e97fd298c
@ -187,3 +187,6 @@ sudo systemctl restart irqbalance
|
||||
# Setup notices
|
||||
unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/issue | sudo tee /etc/issue
|
||||
unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/issue | sudo tee /etc/issue.net
|
||||
|
||||
# Final notes to the user
|
||||
output 'Server setup complete. To use unbound for DNS, you need to reboot.'
|
13
README.md
13
README.md
@ -2,10 +2,20 @@
|
||||
My setup scripts for my workstations. You should edit the scripts to your liking before running it.
|
||||
Please run the scripts as your actual user and not root. Provide sudo password when it asks you to. Flatpak packages and themes/icons are only installed for your user and not system wide. <br />
|
||||
|
||||
The printing stack (cups) is removed as I do not use it. Bluetooth is disabled by KickSecure's kernel module blacklist.
|
||||
The printing stack (cups) is removed as I do not use it.
|
||||
|
||||
Visit my Matrix group: https://matrix.to/#/#tommytran732:matrix.org
|
||||
|
||||
## Notes on DNS handling
|
||||
|
||||
For desktop installations, the assumption here is that you will use a VPN of some sort for your privacy. No custom DNS server will be configured, as websites [can detect](https://www.dnsleaktest.com/) that you are using a different DNS server from your VPN provider's server.
|
||||
|
||||
For server installations (except Proxmox), Unbound will be configured to handle local DNSSEC validation. The difference in the scripts on how this is set up are because of the following reasons:
|
||||
|
||||
- Each distribution needs its own Unbound configuration due to version differences and how each distro package it.
|
||||
- If both Unbound and systemd-resolved are preset on the system, whichever one get used depends entirely depends on whether systemd-resolved is running and controlling `/etc/resolv.conf` or not. My scripts set Unbound to enabled and systemd-resolved whenever possible.
|
||||
- If systemd-resolved is not present on the system, NetworkManager will take control of `/etc/resolv.conf`. RHEL does not ship with systemd-resolved, so manual configuration to set NetworkManager to use the local DNS forwarder is needed.
|
||||
|
||||
# Arch Linux
|
||||
Check out this repository: https://github.com/tommytran732/Arch-Setup-Script <br />
|
||||
|
||||
@ -16,3 +26,4 @@ Checkout this repository: https://github.com/tommytran732/QubesOS-Scripts <br />
|
||||
# Fedora CoreOS
|
||||
|
||||
Checkout this repository: https://github.com/tommytran732/Fedora-CoreOS-Ignition
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user