path: root/applications/luci-app-dnscrypt-proxy/luasrc/model/cbi/dnscrypt-proxy/overview_tab.lua
diff options
authorDirk Brenken <>2017-10-02 10:57:04 +0200
committerDirk Brenken <>2017-10-02 10:57:04 +0200
commitf2d8f1f4cd2229f92db97f265e8ac2387e997ccd (patch)
tree69bb7623473b0e3cea7d18c3ffd19f8a58b9cb21 /applications/luci-app-dnscrypt-proxy/luasrc/model/cbi/dnscrypt-proxy/overview_tab.lua
parentdfad516e8402de33a3bb9d0750cc8736b83d6a85 (diff)
luci-app-dnscrypt-proxy: major update
* automatically transfer dnscrypt specific settings to dnsmasq as well, This may change the values for 'noresolv', 'resolvfile', 'allservers' and the list 'server' settings (enabled by default) * parse/show the resolver, Location, DNSSEC- and NOLOG-Flag in the resolver select box * make buttons for resolver list download & file creation (resolv-crypt.conf) more descriptive & responsive * ease the startup trigger handling * add an edit tab for 'resolv-crypt.conf' in the 'Advanced' section Signed-off-by: Dirk Brenken <>
Diffstat (limited to 'applications/luci-app-dnscrypt-proxy/luasrc/model/cbi/dnscrypt-proxy/overview_tab.lua')
1 files changed, 119 insertions, 62 deletions
diff --git a/applications/luci-app-dnscrypt-proxy/luasrc/model/cbi/dnscrypt-proxy/overview_tab.lua b/applications/luci-app-dnscrypt-proxy/luasrc/model/cbi/dnscrypt-proxy/overview_tab.lua
index 7ab84ab7fa..5198fa82de 100644
--- a/applications/luci-app-dnscrypt-proxy/luasrc/model/cbi/dnscrypt-proxy/overview_tab.lua
+++ b/applications/luci-app-dnscrypt-proxy/luasrc/model/cbi/dnscrypt-proxy/overview_tab.lua
@@ -11,15 +11,16 @@ local plug_cnt = tonumber(luci.sys.exec("env -i /usr/sbin/dnscrypt-proxy --vers
local res_list = {}
local url = ""
-if not fs.access("/lib/") then
- m = SimpleForm("error", nil, translate("SSL support not available, please install an libustream-ssl variant to use this package."))
- m.submit = false
- m.reset = false
- return m
if not fs.access(res_input) then
-"env -i /bin/uclient-fetch --no-check-certificate -O " .. res_input .. " " .. url .. " >/dev/null 2>&1")
+ if not fs.access("/lib/") then
+ m = SimpleForm("error", nil, translate("No default resolver list and no SSL support available.<br />")
+ .. translate("Please install a resolver list to '/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv' to use this package."))
+ m.submit = false
+ m.reset = false
+ return m
+ else
+"env -i /bin/uclient-fetch --no-check-certificate -O " .. res_input .. " " .. url .. " >/dev/null 2>&1")
+ end
if not uci:get_first("dnscrypt-proxy", "global") then
@@ -29,23 +30,53 @@ if not uci:get_first("dnscrypt-proxy", "global") then
for line in io.lines(res_input) do
- local name = line:match("^[%w_.-]*")
- res_list[#res_list + 1] = { name = name }
+ local name,
+ location,
+ dnssec,
+ nolog = line:match("^([^,]+),.-,\".-\",\"(.-)\",.-,[0-9],([yesno]+),([yesno]+)")
+ res_list[#res_list + 1] = { name = name, location = location, dnssec = dnssec, nolog = nolog }
m = Map("dnscrypt-proxy", translate("DNSCrypt-Proxy"),
translate("Configuration of the DNSCrypt-Proxy package. ")
- .. translate("Keep in mind to configure Dnsmasq as well. ")
.. translatef("For further information "
.. "<a href=\"%s\" target=\"_blank\">"
.. "see the wiki online</a>", ""))
function m.on_after_commit(self)
-"env -i /etc/init.d/dnsmasq restart >/dev/null 2>&1")
+ function d1.validate(self, value, s1)
+ if value == "1" then
+ uci:commit("dnscrypt-proxy")
+ uci:set("dhcp", s1, "noresolv", 1)
+ if not fs.access("/etc/resolv-crypt.conf") or nixio.fs.stat("/etc/resolv-crypt.conf").size == 0 then
+ uci:set("dhcp", s1, "resolvfile", "/tmp/")
+ else
+ uci:set("dhcp", s1, "resolvfile", "/etc/resolv-crypt.conf")
+ end
+ local server_list = {}
+ local cnt = 1
+ uci:foreach("dnscrypt-proxy", "dnscrypt-proxy", function(s)
+ server_list[cnt] = s['address'] .. "#" .. s['port']
+ cnt = cnt + 1
+ end)
+ server_list[cnt] = "/"
+ uci:set_list("dhcp", s1, "server", server_list)
+ if cnt > 2 then
+ uci:set("dhcp", s1, "allservers", 1)
+ else
+ uci:set("dhcp", s1, "allservers", 0)
+ end
+ uci:save("dhcp")
+ uci:commit("dhcp")
+ end
+ return value
+ end"env -i /etc/init.d/dnscrypt-proxy restart >/dev/null 2>&1")
+"env -i /etc/init.d/dnsmasq restart >/dev/null 2>&1")
-s = m:section(TypedSection, "global", translate("General options"))
+s = m:section(TypedSection, "global", translate("General Options"))
s.anonymous = true
-- Main dnscrypt-proxy resource list
@@ -62,21 +93,53 @@ o3 = s:option(DummyValue, "", translate("File Checksum"))
o3.template = "dnscrypt-proxy/res_options"
o3.value = luci.sys.exec("sha256sum " .. res_input .. " | awk '{print $1}'")
-btn = s:option(Button, "", translate("Refresh Resolver List"))
-btn.inputtitle = translate("Refresh List")
-btn.inputstyle = "apply"
-btn.disabled = false
-function btn.write(self, section, value)
-"env -i /bin/uclient-fetch --no-check-certificate -O " .. res_input .. " " .. url .. " >/dev/null 2>&1")
- luci.http.redirect(luci.dispatcher.build_url("admin", "services", "dnscrypt-proxy"))
+if fs.access("/lib/") then
+ btn1 = s:option(Button, "", translate("Refresh Resolver List"),
+ translate("Download the current resolver list from ''."))
+ btn1.inputtitle = translate("Refresh List")
+ btn1.inputstyle = "apply"
+ btn1.disabled = false
+ function btn1.write()
+"env -i /bin/uclient-fetch --no-check-certificate -O " .. res_input .. " " .. url .. " >/dev/null 2>&1")
+ luci.http.redirect(luci.dispatcher.build_url("admin", "services", "dnscrypt-proxy"))
+ end
+ btn1 = s:option(Button, "", translate("Refresh Resolver List"),
+ translate("No SSL support available.<br />")
+ .. translate("Please install a 'libustream-ssl' library to download the current resolver list from ''."))
+ btn1.inputtitle = translate("-------")
+ btn1.inputstyle = "button"
+ btn1.disabled = true
+if not fs.access("/etc/resolv-crypt.conf") or nixio.fs.stat("/etc/resolv-crypt.conf").size == 0 then
+ btn2 = s:option(Button, "", translate("Create Custom Config File"),
+ translate("Create '/etc/resolv-crypt.conf' with 'options timeout:1' to reduce DNS upstream timeouts with multiple DNSCrypt instances.<br />")
+ .. translatef("For further information "
+ .. "<a href=\"%s\" target=\"_blank\">"
+ .. "see the wiki online</a>", ""))
+ btn2.inputtitle = translate("Create Config File")
+ btn2.inputstyle = "apply"
+ btn2.disabled = false
+ function btn2.write()
+"env -i echo 'options timeout:1' > '/etc/resolv-crypt.conf'")
+ luci.http.redirect(luci.dispatcher.build_url("admin", "services", "dnscrypt-proxy"))
+ end
+ btn2 = s:option(Button, "", translate("Create Custom Config File"),
+ translate("The config file '/etc/resolv-crypt.conf' already exist.<br />")
+ .. translate("Please edit the file manually in the 'Advanced' section."))
+ btn2.inputtitle = translate("-------")
+ btn2.inputstyle = "button"
+ btn2.disabled = true
-- Trigger settings
-t = s:option(DynamicList, "procd_trigger", translate("Startup Trigger"),
- translate("By default the DNSCrypt-Proxy startup will be triggered by ifup events of multiple network interfaces. ")
- .. translate("To restrict the trigger, add only the relevant network interface(s). ")
- .. translate("Usually the 'wan' interface should work for most users."))
+t = s:option(ListValue, "procd_trigger", translate("Startup Trigger"),
+ translate("By default the DNSCrypt-Proxy startup will be triggered by ifup events of 'All' available network interfaces.<br />")
+ .. translate("To restrict the trigger, select only the relevant network interface. Usually the 'wan' interface should work for most users."))
+t:value("", "All")
if dump then
local i, v
for i, v in ipairs(dump.interface) do
@@ -85,57 +148,38 @@ if dump then
+t.default = procd_trigger or "All"
t.rmempty = true
--- Extra options
-ds = s:option(DummyValue, "_dummy", translate("Extra options"),
- translate("Options for further tweaking in case the defaults are not suitable for you."))
-ds.template = "cbi/nullsection"
-btn = s:option(Button, "", translate("Create custom config file"),
- translate("Create '/etc/resolv-crypt.conf' with 'options timeout:1' to reduce DNS upstream timeouts with multiple DNSCrypt instances. ")
- .. translatef("For further information "
- .. "<a href=\"%s\" target=\"_blank\">"
- .. "see the wiki online</a>", ""))
-btn.inputtitle = translate("Create Config File")
-btn.inputstyle = "apply"
-btn.disabled = false
-function btn.write(self, section, value)
- if not fs.access("/etc/resolv-crypt.conf") then
-"env -i echo 'options timeout:1' > '/etc/resolv-crypt.conf'")
- end
-- Mandatory options per instance
-s = m:section(TypedSection, "dnscrypt-proxy", translate("Instance options"))
+s = m:section(TypedSection, "dnscrypt-proxy", translate("Instance Options"))
s.anonymous = true
s.addremove = true
-o1 = s:option(Value, "address", translate("IP Address"),
+i1 = s:option(Value, "address", translate("IP Address"),
translate("The local IPv4 or IPv6 address. The latter one should be specified within brackets, e.g. '[::1]'."))
-o1.default = address or ""
-o1.rmempty = false
+i1.default = address or ""
+i1.rmempty = false
-o2 = s:option(Value, "port", translate("Port"),
+i2 = s:option(Value, "port", translate("Port"),
translate("The listening port for DNS queries."))
-o2.datatype = "port"
-o2.default = port
-o2.rmempty = false
-o3 = s:option(ListValue, "resolver", translate("Resolver"),
- translate("Name of the remote DNS service for resolving queries."))
-o3.datatype = "hostname"
-o3.widget = "select"
+i2.datatype = "port"
+i2.default = port
+i2.rmempty = false
+i3 = s:option(ListValue, "resolver", translate("Resolver (LOC/SEC/NOLOG)"),
+ translate("Name of the remote DNS service for resolving queries incl. Location, DNSSEC- and NOLOG-Flag."))
+i3.datatype = "hostname"
+i3.widget = "select"
local i, v
for i, v in ipairs(res_list) do
- if ~= "Name" then
- o3:value(
+ if and v.location and v.dnssec and v.nolog and ~= "Name" then
+ i3:value(, .. " (" .. v.location .. "/" .. v.dnssec .. "/" .. v.nolog .. ")")
-o3.default = resolver
-o3.rmempty = false
+i3.default = resolver
+i3.rmempty = false
-- Extra options per instance
@@ -174,4 +218,17 @@ if plug_cnt > 0 then
e6.optional = true
-return m
+-- Dnsmasq options
+m1 = Map("dhcp")
+s1 = m1:section(TypedSection, "dnsmasq", translate("Dnsmasq Options"))
+s1.anonymous = true
+d1 = s1:option(Flag, "", translate("Transfer Options To Dnsmasq"),
+ translate("Apply DNSCrypt-Proxy specific settings to the Dnsmasq configuration.<br />")
+ .. translate("Please note: This may change the values for 'noresolv', 'resolvfile', 'allservers' and the list 'server' settings."))
+d1.default = d1.enabled
+d1.rmempty = false
+return m, m1