From cd4836a1d77e52a9c72e2f6c9381c2e59c9ca3e0 Mon Sep 17 00:00:00 2001 From: Tommy Date: Thu, 16 May 2024 23:35:12 -0700 Subject: [PATCH] IVPN needs dnat-to-ns at boot Signed-off-by: Tommy --- etc/systemd/system/dnat-to-ns-boot.service | 9 +++++++++ fedora-gnome/ivpn.sh | 3 ++- 2 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 etc/systemd/system/dnat-to-ns-boot.service diff --git a/etc/systemd/system/dnat-to-ns-boot.service b/etc/systemd/system/dnat-to-ns-boot.service new file mode 100644 index 0000000..278285e --- /dev/null +++ b/etc/systemd/system/dnat-to-ns-boot.service @@ -0,0 +1,9 @@ +[Unit] +Description=Run /usr/lib/qubes/qubes-setup-dnat-to-ns + +[Service] +Type=oneshot +ExecStart=/usr/lib/qubes/qubes-setup-dnat-to-ns + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/fedora-gnome/ivpn.sh b/fedora-gnome/ivpn.sh index 334ae09..615f54a 100644 --- a/fedora-gnome/ivpn.sh +++ b/fedora-gnome/ivpn.sh @@ -24,9 +24,10 @@ sudo dnf install -y ivpn-ui sudo mkdir -p /etc/qubes-bind-dirs.d echo 'binds+=( '\'''/etc/opt/ivpn/mutable''\'' )' | sudo tee /etc/qubes-bind-dirs.d/50_user.conf -unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/systemd/system/dnat-to-ns.service | sudo tee /etc/systemd/system/dnat-to-ns.service +unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/systemd/system/dnat-to-ns-boot.service | sudo tee /etc/systemd/system/dnat-to-ns.service unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/systemd/system/dnat-to-ns.path | sudo tee /etc/systemd/system/dnat-to-ns.path +sudo systemctl enable dnat-to-ns.service sudo systemctl enable dnat-to-ns.path # Follow these instructions on how to set up the ProxyVM: https://privsec.dev/posts/qubes/using-ivpn-on-qubes-os/#creating-the-proxyvm \ No newline at end of file