Best way to install as service on Mac?
I installed as per https://github.com/nextdns/nextdns/wiki/MacOS ... but this then needs to be start
ed manually each time.
What's the best way to install as a service/daemon/launch agent?
Does someone have a .plist
?
Would be nice to include that in the above wiki page.
Thanks
8 replies
-
I’m using a Mac and do not have this problem. In the past I used the app, so maybe that created a setting that I’m not aware of.
-
Now I recall from some time ago:
sudo nextdns config set -auto-activate
For additional options:
Usage of nextdns config set: -auto-activate Run activate at startup and deactivate on exit. -bogus-priv Bogus private reverse lookups. All reverse lookups for private IP ranges (ie 192.168.x.x, etc.) are answered with "no such domain" rather than being forwarded upstream. The set of prefixes affected is the list given in RFC6303, for IPv4 and IPv6. (default true) -cache-max-age duration If set to greater than 0, a cached entry will be considered stale after this duration, even if the record's TTL is higher. -cache-size string Set the size of the cache in byte. Use 0 to disable caching. The value can be expressed with unit like kB, MB, GB. The cache is automatically flushed when the pointed configuration is updated. (default "0") -config value NextDNS custom configuration id. The configuration id can be prefixed with a condition that is match for each query: * 10.0.3.0/24=abcdef: A CIDR can be used to restrict a configuration to a subnet. * 00:1c:42:2e:60:4a=abcdef: A MAC address can be used to restrict configuration to a specific host on the LAN. This parameter can be repeated. The first match wins. -config-file string Custom path to configuration file. -control string Address to the control socket. (default "/var/run/nextdns.sock") -detect-captive-portals Automatic detection of captive portals and fallback on system DNS to allow the connection to establish. Beware that enabling this feature can allow an attacker to force nextdns to disable DoH and leak unencrypted DNS traffic. -discovery-dns string The address of a DNS server to be used to discover client names. If not defined, the address learned via DHCP will be used. This setting is only active if report-client-info is set to true. -forwarder value A DNS server to use for a specified domain. Forwarders can be defined to send proxy DNS traffic to an alternative DNS upstream resolver for specific domains. The format of this parameter is [DOMAIN=]SERVER_ADDR[,SERVER_ADDR...]. A SERVER_ADDR can ben either an IP[:PORT] for DNS53 (unencrypted UDP, TCP), or a HTTPS URL for a DNS over HTTPS server. For DoH, a bootstrap IP can be specified as follow: https://dns.nextdns.io#45.90.28.0. Several servers can be specified, separated by comas to implement failover. This parameter can be repeated. The first match wins. -hardened-privacy Deprecated. -listen value Listen address for UDP DNS proxy server. -log-queries Log DNS queries. -max-ttl duration If set to greater than 0, defines the maximum TTL value that will be handed out to clients. The specified maximum TTL will be given to clients instead of the true TTL value if it is lower. The true TTL value is however kept in the cache to evaluate cache entries freshness. This is best used in conjunction with the cache to force clients not to rely on their own cache in order to pick up configuration changes faster. -report-client-info Embed clients information with queries. -setup-router Automatically configure NextDNS for a router setup. Common types of router are detected to integrate gracefuly. Changes applies are undone on daemon exit. The listen option is ignored when this option is used. -timeout duration Maximum duration allowed for a request before failing. (default 5s) -use-hosts Lookup /etc/hosts before sending queries to upstream resolver. (default true)
-
Ze'ev
From your dashboard use the Apple Configuration Profile Generator available at apple.nextdns.io.
Click advanced
Give the Device a name and select a model from the list
Then select Trust NextDNS Root CA and Sign Configuration ProfileSo much easier and a lot simpler than setting other stuff
Tested working on Catalina mac (10.15.7)
-
Did you ever try that suggestion to disable DoH in Chrome
when disabled run this again
https://test.nextdns.io/
-
ขอบคุณสำหรับข้อมูลที่ดี และเป็นข้อมูลที่เป็นประโยชน์อย่างยิ่ง
Content aside
- 3 yrs agoLast active
- 8Replies
- 1529Views
-
4
Following