diff --git a/roles/dns_encryption/tasks/arch.yml b/roles/dns_encryption/tasks/arch.yml index a9de0d35..54117896 100644 --- a/roles/dns_encryption/tasks/arch.yml +++ b/roles/dns_encryption/tasks/arch.yml @@ -4,10 +4,3 @@ pacman: name: dnscrypt-proxy state: latest - -- name: Arch Linux | Patch dnscrypt-proxy.service - template: - src: dnscrypt-proxy.service.j2 - dest: "{{ config_prefix|default('/') }}etc/systemd/system/dnscrypt-proxy.service" - notify: - - daemon reload \ No newline at end of file diff --git a/roles/dns_encryption/templates/dnscrypt-proxy.service.j2 b/roles/dns_encryption/templates/dnscrypt-proxy.service.j2 deleted file mode 100644 index 40726539..00000000 --- a/roles/dns_encryption/templates/dnscrypt-proxy.service.j2 +++ /dev/null @@ -1,48 +0,0 @@ -[Unit] -Description=DNSCrypt-proxy client -Documentation=https://github.com/jedisct1/dnscrypt-proxy/wiki - -## Start service after the network is online. -## Requires a wait service such as NetworkManager or systemd-networkd. -## Verify using: -## systemctl is-enabled NetworkManager-wait-online.service systemd-networkd-wait-online.service -## Then enable: -## systemctl enable NetworkManager-wait-online.service -## Or alternatively: -## systemctl enable systemd-networkd-wait-online.service -After=network-online.target -Wants=network-online.target - -## DNSCrypt-proxy provides and requires name resolution. -Before=nss-lookup.target -Wants=nss-lookup.target - -[Service] -## Set O_NONBLOCK flag for socket unit. -NonBlocking=true - -## Execute dnscrypt-proxy with configuration file. -ExecStart=/usr/bin/dnscrypt-proxy --config /etc/dnscrypt-proxy/dnscrypt-proxy.toml - -## Make /home, /root and /run/user read only. -ProtectHome=yes - -## Make Linux control groups read only. -ProtectControlGroups=yes - -## Deny explicit module loading. -ProtectKernelModules=yes - -## Run dnscrypt-proxy as unprivileged user with -## temporary assigned UID/GID. See man:systemd.exec -## for more info. Requires systemd 232+. -DynamicUser=yes -CacheDirectory=dnscrypt-proxy -LogsDirectory=dnscrypt-proxy -RuntimeDirectory=dnscrypt-proxy - -[Install] - -## Create symlink for systemd to pull in the unit when starting multi-user.target -## Can be found in /etc/systemd/system/multi-user.target.wants/ -WantedBy=multi-user.target