From 3f4df9dc25ae9f3b99cb23c939f17cc80a19394e Mon Sep 17 00:00:00 2001 From: Tommy Date: Sun, 12 May 2024 03:38:58 -0700 Subject: [PATCH] Use systemd path for dnat-to-ns Signed-off-by: Tommy --- etc/systemd/system/dnat-to-ns.path | 9 +++++++++ etc/systemd/system/dnat-to-ns.service | 6 ++++++ fedora/mullvad.sh | 11 ++++++++--- 3 files changed, 23 insertions(+), 3 deletions(-) create mode 100644 etc/systemd/system/dnat-to-ns.path create mode 100644 etc/systemd/system/dnat-to-ns.service diff --git a/etc/systemd/system/dnat-to-ns.path b/etc/systemd/system/dnat-to-ns.path new file mode 100644 index 0000000..09a5dcd --- /dev/null +++ b/etc/systemd/system/dnat-to-ns.path @@ -0,0 +1,9 @@ +[Unit] +Description=Run /usr/lib/qubes/qubes-setup-dnat-to-ns when /etc/resolv.conf changes + +[Path] +PathChanged=/etc/resolv.conf +Unit=dns-to-ns.service + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/etc/systemd/system/dnat-to-ns.service b/etc/systemd/system/dnat-to-ns.service new file mode 100644 index 0000000..8d15d0e --- /dev/null +++ b/etc/systemd/system/dnat-to-ns.service @@ -0,0 +1,6 @@ +[Unit] +Description=Run /usr/lib/qubes/qubes-setup-dnat-to-ns + +[Service] +Type=oneshot +ExecStart=/usr/lib/qubes/qubes-setup-dnat-to-ns \ No newline at end of file diff --git a/fedora/mullvad.sh b/fedora/mullvad.sh index 1057da2..82c2c04 100644 --- a/fedora/mullvad.sh +++ b/fedora/mullvad.sh @@ -14,12 +14,17 @@ # License for the specific language governing permissions and limitations under # the License. +unpriv(){ + sudo -u nobody "$@" +} + sudo dnf config-manager --add-repo https://repository.mullvad.net/rpm/stable/mullvad.repo sudo dnf install -y mullvad-vpn sudo mkdir -p /etc/qubes-bind-dirs.d echo 'binds+=( '\'''/etc/mullvad-vpn''\'' )' | sudo tee /etc/qubes-bind-dirs.d/50_user.conf -# Run these in the AppVM: -# echo "sleep 10 # Waiting a bit so that Mullvad can establish connection -# /usr/lib/qubes/qubes-setup-dnat-to-ns" | sudo tee -a /rw/config/rc.local +unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/systemd/system/dnat-to-ns.service | sudo tee /etc/systemd/system/dnat-to-ns.service +unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/systemd/system/dnat-to-ns.path | sudo tee /etc/systemd/system/dnat-to-ns.path + +sudo systemctl enable dnat-to-ns.path \ No newline at end of file