nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-21 07:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

privacy: Implement a way to disable fallback DNS servers

Browse Source 
- Using public DNS servers leads to user's domain queries being known to the
servers, violating privacy. However, it is necessary to address many corner
cases when DNS servers are not known to systemd-resolved but internet
connectivity is working. Allow users to disable fallback DNS servers.

Tests:

- After upgrade to latest version of FreedomBox, the setting is on by default.

- Disabling removes the /etc configuration file and resolvectl shows no fallback
DNS entries.

- Enabling add the /etc configuration file and resolvectl shows fallback
entries. After removing existing DNS servers using resolvectl, one can still
query using fallback servers.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
This commit is contained in:
Sunil Mohan Adapa 2024-08-28 15:40:24 -07:00 committed by Veiko Aasa
parent 28886b56cf
commit d7e0752d12
No known key found for this signature in database
GPG Key ID: 478539CAE680674E
2 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
plinth/modules/privacy/forms.py
View File

@ -22,3 +22,11 @@ class PrivacyForm(forms.Form):
'target="_blank">popcon.debian.org</a>. Submission happens over '
'the Tor network for additional anonymity if Tor app is enabled.'
), box_name=_(cfg.box_name)))
dns_fallback = forms.BooleanField(
label=_('Allow using fallback DNS servers'), required=False,
help_text=_(
'Use well-known public DNS servers to resolve domain names in '
'unusual circumstances where no DNS servers are known but '
'internet connectivity is available. Can be disabled in most '
'cases if network connectivity is stable and reliable.'))

10
plinth/modules/privacy/views.py
View File

@ -4,6 +4,7 @@
from django.contrib import messages
from django.utils.translation import gettext as _
import plinth.modules.names.privileged as names_privileged
from plinth.modules.privacy.forms import PrivacyForm
from plinth.views import AppView
@ -20,6 +21,7 @@ class PrivacyAppView(AppView):
"""Return the values to fill in the form."""
initial = super().get_initial()
initial.update(privileged.get_configuration())
initial.update(names_privileged.get_resolved_configuration())
return initial
def form_valid(self, form):
@ -28,11 +30,19 @@ class PrivacyAppView(AppView):
old_config = form.initial
changes = {}
is_changed = False
if old_config['enable_popcon'] != new_config['enable_popcon']:
changes['enable_popcon'] = new_config['enable_popcon']
if old_config['dns_fallback'] != new_config['dns_fallback']:
names_privileged.set_resolved_configuration(
dns_fallback=new_config['dns_fallback'])
is_changed = True
if changes:
privileged.set_configuration(**changes)
if changes or is_changed:
messages.success(self.request, _('Configuration updated'))
return super().form_valid(form)