Code Monkey home page Code Monkey logo

dohnut's Introduction

Commons Host πŸ‘

Public issues for tech support, bug reports, feature requests, and other discussion.

πŸ‘‰ https://github.com/commonshost/contact/issues πŸ‘ˆ

Where is the Source Code?

Development of the Commons Host project takes place on GitLab.com, which is the hosted SaaS version of the GitLab project.

https://gitlab.com/commonshost

Should I create issues on GitLab or GitHub?

The choice is yours. Either one is acceptable and should receive the same level of attention.

On GitLab it is easier to reference commits, branches, merge requests, and roadmap/archived issues.

However if you are more comfortable using GitHub, then just create a new GitHub issue on this very repository.

Why not use GitHub for the Source Code?

@sebdeckers: I happen to like GitLab.

  1. It has some really neat features like integrated CI/CD and deployment tools.
  2. It is a free and open source product.
  3. It is a company that pursues a FOSS-based business model.
  4. Using heterogenous tools forces your workflow to be more resilient.
  5. Everyone loves an underdog.

GitLab also offers gratis private repositories. Those are not used by Commons Host. Everything is public.

Do I need a GitLab account?

You can sign in to GitLab.com using your GitHub account. I ❀️ OAuth!

dohnut's People

Contributors

habbie avatar klutchell avatar qoelet avatar sebdeckers avatar wknd avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar

dohnut's Issues

Use cluster instead of worker_threads

Cluster

Pro:

  • Load balancing happens by kernel/Node.js distributing UDP messages across all sockets listening on the same host:port.
  • No per-query IPC.
  • Scales horizontally even with a single DoH upstream.
  • Simpler design. Every cluster worker is an independent "master." Without the message passing and state management between threaded master/workers.

Con:

  • One HTTP/2 session per origin per worker. Potentially less efficient on the network than re-using the same session.

Worker Threads

Pro:

  • Single HTTP/2 session per DoH resolver.
  • Shiny new API.

Con:

  • Wasted IPC on single-core CPU of Raspberry Pi or restricted Docker.
  • Fixed overhead of IPC between worker/master.
  • Cloning buffers is slower than expected. Sharing memory may be better but hard to measure performance (no support yet in Clinic.js).

Using Environment variables for configuration

I'm trying to combine the dohnut docker image with another docker image that contains the unbound DNS server using docker-compose.

To configure what the logic can do in a docker container docker-compose uses environment variables.

Currently, dohnut does not accept environment variables directly as part of the configure to get around this either a bash wrapper script could be created for the docker image that passes the environment variables in via the command line, or the node program could be modified to work with environment variables as well as the command line.

Consider padding to preserve traffic flow confidentiality

Unable to install Dohnut on Raspberry pi 3 using systemd install method.

When Running the install command for Dohnut on a raspberry pi 3 in the home directory I encountered an error.

npm WARN checkPermissions Missing write access to /home/pi/n/lib/node_modules
npm ERR! path /home/pi/n/lib/node_modules
npm ERR! code EACCES
npm ERR! errno -13
npm ERR! syscall access
npm ERR! Error: EACCES: permission denied, access '/home/pi/n/lib/node_modules'
npm ERR!  { [Error: EACCES: permission denied, access '/home/pi/n/lib/node_modules']
npm ERR!   stack:
npm ERR!    "Error: EACCES: permission denied, access '/home/pi/n/lib/node_modules'",
npm ERR!   errno: -13,
npm ERR!   code: 'EACCES',
npm ERR!   syscall: 'access',
npm ERR!   path: '/home/pi/n/lib/node_modules' }
npm ERR!
npm ERR! The operation was rejected by your operating system.
npm ERR! It is likely you do not have the permissions to access this file as the current user
npm ERR!
npm ERR! If you believe this might be a permissions issue, please double-check the
npm ERR! permissions of the file and its containing directories, or try running
npm ERR! the command again as root/Administrator (though this is not recommended).

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/dohnut/.npm/_logs/2019-02-21T03_21_37_076Z-debug.log```

```pi@raspberrypi:~ $ cat /home/dohnut/.npm/_logs/2019-02-21T03_21_37_076Z-debug.log
0 info it worked if it ends with ok
1 verbose cli [ '/home/pi/n/bin/node',
1 verbose cli   '/home/pi/n/bin/npm',
1 verbose cli   'install',
1 verbose cli   '--global',
1 verbose cli   'dohnut@latest' ]
2 info using [email protected]
3 info using [email protected]
4 verbose npm-session 3db38f9562f75090
5 silly install loadCurrentTree
6 silly install readGlobalPackageData
7 http fetch GET 200 https://registry.npmjs.org/dohnut 499ms
8 silly pacote tag manifest for dohnut@latest fetched in 560ms
9 timing stage:loadCurrentTree Completed in 618ms
10 silly install loadIdealTree
11 silly install cloneCurrentTreeToIdealTree
12 timing stage:loadIdealTree:cloneCurrentTree Completed in 2ms
13 silly install loadShrinkwrap
14 timing stage:loadIdealTree:loadShrinkwrap Completed in 6ms
15 silly install loadAllDepsIntoIdealTree
16 silly resolveWithNewModule [email protected] checking installable status
17 http fetch GET 200 https://registry.npmjs.org/user-agents 370ms
18 silly pacote range manifest for user-agents@^1.0.164 fetched in 705ms
19 silly resolveWithNewModule [email protected] checking installable status
20 http fetch GET 200 https://registry.npmjs.org/chalk 781ms
21 http fetch GET 200 https://registry.npmjs.org/yargs 737ms
22 http fetch GET 200 https://registry.npmjs.org/base64url 870ms
23 http fetch GET 200 https://registry.npmjs.org/pino 849ms
24 http fetch GET 200 https://registry.npmjs.org/please-upgrade-node 904ms
25 http fetch GET 200 https://registry.npmjs.org/socket-activation 901ms
26 http fetch GET 200 https://registry.npmjs.org/@commonshost%2fresolvers 949ms
27 http fetch GET 200 https://registry.npmjs.org/uri-templates 913ms
28 http fetch GET 200 https://registry.npmjs.org/dns-packet 956ms
29 silly pacote range manifest for chalk@^2.4.2 fetched in 1016ms
30 silly resolveWithNewModule [email protected] checking installable status
31 silly pacote range manifest for yargs@^12.0.5 fetched in 968ms
32 silly resolveWithNewModule [email protected] checking installable status
33 http fetch GET 200 https://registry.npmjs.org/yauzl 262ms
34 silly pacote range manifest for pino@^5.10.10 fetched in 1030ms
35 silly resolveWithNewModule [email protected] checking installable status
36 silly pacote range manifest for base64url@^3.0.1 fetched in 1057ms
37 silly resolveWithNewModule [email protected] checking installable status
38 silly pacote range manifest for socket-activation@^3.1.0 fetched in 1068ms
39 silly resolveWithNewModule [email protected] checking installable status
40 silly pacote range manifest for please-upgrade-node@^3.1.1 fetched in 1076ms
41 silly resolveWithNewModule [email protected] checking installable status
42 silly pacote range manifest for @commonshost/resolvers@^1.2.0 fetched in 1128ms
43 silly resolveWithNewModule @commonshost/[email protected] checking installable status
44 silly pacote range manifest for uri-templates@^0.2.0 fetched in 1106ms
45 silly resolveWithNewModule [email protected] checking installable status
46 silly pacote range manifest for dns-packet@^5.1.2 fetched in 1136ms
47 silly resolveWithNewModule [email protected] checking installable status
48 silly pacote range manifest for yauzl@^2.10.0 fetched in 385ms
49 silly resolveWithNewModule [email protected] checking installable status
50 http fetch GET 200 https://registry.npmjs.org/sd-notify 137ms
51 silly pacote range manifest for sd-notify@^2.3.0 fetched in 149ms
52 silly resolveWithNewModule [email protected] checking installable status
53 http fetch GET 200 https://registry.npmjs.org/supports-color 109ms
54 http fetch GET 200 https://registry.npmjs.org/escape-string-regexp 123ms
55 http fetch GET 200 https://registry.npmjs.org/ansi-styles 138ms
56 silly pacote range manifest for supports-color@^5.3.0 fetched in 146ms
57 silly resolveWithNewModule [email protected] checking installable status
58 silly pacote range manifest for escape-string-regexp@^1.0.5 fetched in 154ms
59 silly resolveWithNewModule [email protected] checking installable status
60 silly pacote range manifest for ansi-styles@^3.2.1 fetched in 163ms
61 silly resolveWithNewModule [email protected] checking installable status
62 http fetch GET 200 https://registry.npmjs.org/color-convert 509ms
63 silly pacote range manifest for color-convert@^1.9.0 fetched in 533ms
64 silly resolveWithNewModule [email protected] checking installable status
65 http fetch GET 200 https://registry.npmjs.org/color-name 52ms
66 http fetch GET 200 https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz 96ms
67 silly pacote version manifest for [email protected] fetched in 173ms
68 silly resolveWithNewModule [email protected] checking installable status
69 http fetch GET 200 https://registry.npmjs.org/has-flag 78ms
70 silly pacote range manifest for has-flag@^3.0.0 fetched in 91ms
71 silly resolveWithNewModule [email protected] checking installable status
72 http fetch GET 200 https://registry.npmjs.org/ip 137ms
73 silly pacote range manifest for ip@^1.1.5 fetched in 149ms
74 silly resolveWithNewModule [email protected] checking installable status
75 http fetch GET 200 https://registry.npmjs.org/quick-format-unescaped 155ms
76 http fetch GET 200 https://registry.npmjs.org/pino-std-serializers 166ms
77 http fetch GET 200 https://registry.npmjs.org/flatstr 171ms
78 http fetch GET 200 https://registry.npmjs.org/sonic-boom 169ms
79 http fetch GET 200 https://registry.npmjs.org/fast-safe-stringify 209ms
80 http fetch GET 200 https://registry.npmjs.org/fast-redact 215ms
81 silly pacote range manifest for quick-format-unescaped@^3.0.0 fetched in 218ms
82 silly resolveWithNewModule [email protected] checking installable status
83 silly pacote range manifest for sonic-boom@^0.7.1 fetched in 222ms
84 silly resolveWithNewModule [email protected] checking installable status
85 silly pacote range manifest for pino-std-serializers@^2.3.0 fetched in 231ms
86 silly resolveWithNewModule [email protected] checking installable status
87 silly pacote range manifest for flatstr@^1.0.9 fetched in 237ms
88 silly resolveWithNewModule [email protected] checking installable status
89 silly pacote range manifest for fast-safe-stringify@^2.0.6 fetched in 248ms
90 silly resolveWithNewModule [email protected] checking installable status
91 silly pacote range manifest for fast-redact@^1.4.2 fetched in 255ms
92 silly resolveWithNewModule [email protected] checking installable status
93 http fetch GET 200 https://registry.npmjs.org/semver-compare 140ms
94 silly pacote range manifest for semver-compare@^1.0.0 fetched in 150ms
95 silly resolveWithNewModule [email protected] checking installable status
96 http fetch GET 200 https://registry.npmjs.org/bindings 54ms
97 http fetch GET 200 https://registry.npmjs.org/bindings/-/bindings-1.3.0.tgz 150ms
98 silly pacote version manifest for bindings@=1.3.0 fetched in 219ms
99 silly resolveWithNewModule [email protected] checking installable status
100 http fetch GET 200 https://registry.npmjs.org/prebuilt-bindings 62ms
101 silly pacote range manifest for prebuilt-bindings@^1.0.3 fetched in 73ms
102 silly resolveWithNewModule [email protected] checking installable status
103 http fetch GET 200 https://registry.npmjs.org/nan 119ms
104 silly pacote range manifest for nan@^2.7.0 fetched in 135ms
105 silly resolveWithNewModule [email protected] checking installable status
106 http fetch GET 200 https://registry.npmjs.org/lodash.clonedeep 72ms
107 silly pacote range manifest for lodash.clonedeep@^4.5.0 fetched in 87ms
108 silly resolveWithNewModule [email protected] checking installable status
109 http fetch GET 200 https://registry.npmjs.org/dot-json 198ms
110 silly pacote range manifest for dot-json@^1.1.0 fetched in 216ms
111 silly resolveWithNewModule [email protected] checking installable status
112 http fetch GET 200 https://registry.npmjs.org/docopt 96ms
113 http fetch GET 200 https://registry.npmjs.org/underscore-keypath 104ms
114 silly pacote range manifest for docopt@~0.6.2 fetched in 130ms
115 silly resolveWithNewModule [email protected] checking installable status
116 silly pacote range manifest for underscore-keypath@~0.0.22 fetched in 135ms
117 silly resolveWithNewModule [email protected] checking installable status
118 http fetch GET 200 https://registry.npmjs.org/underscore 67ms
119 silly pacote range manifest for underscore@* fetched in 82ms
120 silly resolveWithNewModule [email protected] checking installable status
121 http fetch GET 200 https://registry.npmjs.org/which-module 146ms
122 http fetch GET 200 https://registry.npmjs.org/require-main-filename 155ms
123 http fetch GET 200 https://registry.npmjs.org/string-width 157ms
124 http fetch GET 200 https://registry.npmjs.org/cliui 195ms
125 http fetch GET 200 https://registry.npmjs.org/get-caller-file 187ms
126 http fetch GET 200 https://registry.npmjs.org/decamelize 208ms
127 http fetch GET 200 https://registry.npmjs.org/os-locale 209ms
128 http fetch GET 200 https://registry.npmjs.org/require-directory 209ms
129 http fetch GET 200 https://registry.npmjs.org/find-up 288ms
130 silly pacote range manifest for which-module@^2.0.0 fetched in 279ms
131 silly resolveWithNewModule [email protected] checking installable status
132 silly pacote range manifest for cliui@^4.0.0 fetched in 316ms
133 silly resolveWithNewModule [email protected] checking installable status
134 silly pacote range manifest for get-caller-file@^1.0.1 fetched in 309ms
135 silly resolveWithNewModule [email protected] checking installable status
136 silly pacote range manifest for require-directory@^2.1.1 fetched in 313ms
137 silly resolveWithNewModule [email protected] checking installable status
138 silly pacote range manifest for decamelize@^1.2.0 fetched in 329ms
139 silly resolveWithNewModule [email protected] checking installable status
140 silly pacote range manifest for os-locale@^3.0.0 fetched in 326ms
141 silly resolveWithNewModule [email protected] checking installable status
142 http fetch GET 200 https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz 162ms
143 http fetch GET 200 https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz 147ms
144 http fetch GET 200 https://registry.npmjs.org/set-blocking 335ms
145 silly pacote range manifest for find-up@^3.0.0 fetched in 376ms
146 silly resolveWithNewModule [email protected] checking installable status
147 silly pacote range manifest for require-main-filename@^1.0.1 fetched in 385ms
148 silly resolveWithNewModule [email protected] checking installable status
149 silly pacote range manifest for string-width@^2.0.0 fetched in 386ms
150 silly resolveWithNewModule [email protected] checking installable status
151 http fetch GET 200 https://registry.npmjs.org/y18n 103ms
152 silly pacote range manifest for set-blocking@^2.0.0 fetched in 393ms
153 silly resolveWithNewModule [email protected] checking installable status
154 http fetch GET 200 https://registry.npmjs.org/yargs-parser 101ms
155 silly pacote range manifest for y18n@^3.2.1 || ^4.0.0 fetched in 132ms
156 silly resolveWithNewModule [email protected] checking installable status
157 silly pacote range manifest for yargs-parser@^11.1.1 fetched in 121ms
158 silly resolveWithNewModule [email protected] checking installable status
159 http fetch GET 200 https://registry.npmjs.org/wrap-ansi 78ms
160 http fetch GET 200 https://registry.npmjs.org/strip-ansi 126ms
161 http fetch GET 200 https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz 91ms
162 http fetch GET 200 https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-2.1.0.tgz 146ms
163 silly pacote range manifest for strip-ansi@^4.0.0 fetched in 250ms
164 silly resolveWithNewModule [email protected] checking installable status
165 silly pacote range manifest for wrap-ansi@^2.0.0 fetched in 251ms
166 silly resolveWithNewModule [email protected] checking installable status
167 http fetch GET 200 https://registry.npmjs.org/is-fullwidth-code-point 92ms
168 silly pacote range manifest for is-fullwidth-code-point@^2.0.0 fetched in 101ms
169 silly resolveWithNewModule [email protected] checking installable status
170 http fetch GET 200 https://registry.npmjs.org/ansi-regex 61ms
171 http fetch GET 200 https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz 144ms
172 silly pacote range manifest for ansi-regex@^3.0.0 fetched in 220ms
173 silly resolveWithNewModule [email protected] checking installable status
174 http fetch GET 200 https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz 63ms
175 silly pacote range manifest for string-width@^1.0.1 fetched in 91ms
176 silly resolveWithNewModule [email protected] checking installable status
177 http fetch GET 200 https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz 84ms
178 silly pacote range manifest for strip-ansi@^3.0.1 fetched in 101ms
179 silly resolveWithNewModule [email protected] checking installable status
180 silly pacote range manifest for is-fullwidth-code-point@^1.0.0 fetched in 13ms
181 silly resolveWithNewModule [email protected] checking installable status
182 http fetch GET 200 https://registry.npmjs.org/code-point-at 60ms
183 silly pacote range manifest for code-point-at@^1.0.0 fetched in 80ms
184 silly resolveWithNewModule [email protected] checking installable status
185 http fetch GET 200 https://registry.npmjs.org/number-is-nan 62ms
186 silly pacote range manifest for number-is-nan@^1.0.0 fetched in 77ms
187 silly resolveWithNewModule [email protected] checking installable status
188 http fetch GET 200 https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz 63ms
189 silly pacote range manifest for ansi-regex@^2.0.0 fetched in 74ms
190 silly resolveWithNewModule [email protected] checking installable status
191 http fetch GET 200 https://registry.npmjs.org/locate-path 68ms
192 silly pacote range manifest for locate-path@^3.0.0 fetched in 78ms
193 silly resolveWithNewModule [email protected] checking installable status
194 http fetch GET 200 https://registry.npmjs.org/p-locate 73ms
195 http fetch GET 200 https://registry.npmjs.org/path-exists 89ms
196 silly pacote range manifest for path-exists@^3.0.0 fetched in 101ms
197 silly resolveWithNewModule [email protected] checking installable status
198 http fetch GET 200 https://registry.npmjs.org/p-locate/-/p-locate-3.0.0.tgz 55ms
199 silly pacote range manifest for p-locate@^3.0.0 fetched in 147ms
200 silly resolveWithNewModule [email protected] checking installable status
201 http fetch GET 200 https://registry.npmjs.org/p-limit 52ms
202 silly pacote range manifest for p-limit@^2.0.0 fetched in 68ms
203 silly resolveWithNewModule [email protected] checking installable status
204 http fetch GET 200 https://registry.npmjs.org/p-try 54ms
205 silly pacote range manifest for p-try@^2.0.0 fetched in 65ms
206 silly resolveWithNewModule [email protected] checking installable status
207 http fetch GET 200 https://registry.npmjs.org/mem 71ms
208 http fetch GET 200 https://registry.npmjs.org/lcid 81ms
209 http fetch GET 200 https://registry.npmjs.org/execa 91ms
210 silly pacote range manifest for mem@^4.0.0 fetched in 105ms
211 silly resolveWithNewModule [email protected] checking installable status
212 silly pacote range manifest for lcid@^2.0.0 fetched in 110ms
213 silly resolveWithNewModule [email protected] checking installable status
214 silly pacote range manifest for execa@^1.0.0 fetched in 114ms
215 silly resolveWithNewModule [email protected] checking installable status
216 http fetch GET 200 https://registry.npmjs.org/signal-exit 152ms
217 http fetch GET 200 https://registry.npmjs.org/strip-eof 155ms
218 http fetch GET 200 https://registry.npmjs.org/npm-run-path 168ms
219 http fetch GET 200 https://registry.npmjs.org/get-stream 183ms
220 http fetch GET 200 https://registry.npmjs.org/p-finally 179ms
221 http fetch GET 200 https://registry.npmjs.org/cross-spawn 188ms
222 http fetch GET 200 https://registry.npmjs.org/is-stream 206ms
223 silly pacote range manifest for signal-exit@^3.0.0 fetched in 216ms
224 silly resolveWithNewModule [email protected] checking installable status
225 silly pacote range manifest for npm-run-path@^2.0.0 fetched in 225ms
226 silly resolveWithNewModule [email protected] checking installable status
227 silly pacote range manifest for get-stream@^4.0.0 fetched in 236ms
228 silly resolveWithNewModule [email protected] checking installable status
229 silly pacote range manifest for p-finally@^1.0.0 fetched in 234ms
230 silly resolveWithNewModule [email protected] checking installable status
231 silly pacote range manifest for cross-spawn@^6.0.0 fetched in 244ms
232 silly resolveWithNewModule [email protected] checking installable status
233 silly pacote range manifest for is-stream@^1.1.0 fetched in 244ms
234 silly resolveWithNewModule [email protected] checking installable status
235 http fetch GET 200 https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz 97ms
236 silly pacote range manifest for strip-eof@^1.0.0 fetched in 269ms
237 silly resolveWithNewModule [email protected] checking installable status
238 http fetch GET 200 https://registry.npmjs.org/path-key 109ms
239 http fetch GET 200 https://registry.npmjs.org/nice-try 112ms
240 http fetch GET 200 https://registry.npmjs.org/semver 110ms
241 http fetch GET 200 https://registry.npmjs.org/which 109ms
242 http fetch GET 200 https://registry.npmjs.org/shebang-command 128ms
243 silly pacote range manifest for semver@^5.5.0 fetched in 148ms
244 silly resolveWithNewModule [email protected] checking installable status
245 silly pacote range manifest for which@^1.2.9 fetched in 146ms
246 silly resolveWithNewModule [email protected] checking installable status
247 silly pacote range manifest for path-key@^2.0.1 fetched in 156ms
248 silly resolveWithNewModule [email protected] checking installable status
249 silly pacote range manifest for nice-try@^1.0.4 fetched in 166ms
250 silly resolveWithNewModule [email protected] checking installable status
251 silly pacote range manifest for shebang-command@^1.2.0 fetched in 162ms
252 silly resolveWithNewModule [email protected] checking installable status
253 http fetch GET 200 https://registry.npmjs.org/shebang-regex 75ms
254 http fetch GET 200 https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz 128ms
255 silly pacote range manifest for shebang-regex@^1.0.0 fetched in 215ms
256 silly resolveWithNewModule [email protected] checking installable status
257 http fetch GET 200 https://registry.npmjs.org/isexe 153ms
258 silly pacote range manifest for isexe@^2.0.0 fetched in 173ms
259 silly resolveWithNewModule [email protected] checking installable status
260 http fetch GET 200 https://registry.npmjs.org/pump 65ms
261 http fetch GET 200 https://registry.npmjs.org/pump/-/pump-3.0.0.tgz 178ms
262 silly pacote range manifest for pump@^3.0.0 fetched in 261ms
263 silly resolveWithNewModule [email protected] checking installable status
264 http fetch GET 200 https://registry.npmjs.org/once 50ms
265 http fetch GET 200 https://registry.npmjs.org/end-of-stream 57ms
266 silly pacote range manifest for once@^1.3.1 fetched in 75ms
267 silly resolveWithNewModule [email protected] checking installable status
268 silly pacote range manifest for end-of-stream@^1.1.0 fetched in 80ms
269 silly resolveWithNewModule [email protected] checking installable status
270 http fetch GET 200 https://registry.npmjs.org/wrappy 43ms
271 silly pacote range manifest for wrappy@1 fetched in 51ms
272 silly resolveWithNewModule [email protected] checking installable status
273 http fetch GET 200 https://registry.npmjs.org/invert-kv 52ms
274 silly pacote range manifest for invert-kv@^2.0.0 fetched in 61ms
275 silly resolveWithNewModule [email protected] checking installable status
276 http fetch GET 200 https://registry.npmjs.org/mimic-fn 82ms
277 http fetch GET 200 https://registry.npmjs.org/map-age-cleaner 85ms
278 http fetch GET 200 https://registry.npmjs.org/p-is-promise 89ms
279 silly pacote range manifest for mimic-fn@^1.0.0 fetched in 104ms
280 silly resolveWithNewModule [email protected] checking installable status
281 silly pacote range manifest for map-age-cleaner@^0.1.1 fetched in 109ms
282 silly resolveWithNewModule [email protected] checking installable status
283 silly pacote range manifest for p-is-promise@^2.0.0 fetched in 110ms
284 silly resolveWithNewModule [email protected] checking installable status
285 http fetch GET 200 https://registry.npmjs.org/p-defer 62ms
286 silly pacote range manifest for p-defer@^1.0.0 fetched in 73ms
287 silly resolveWithNewModule [email protected] checking installable status
288 http fetch GET 200 https://registry.npmjs.org/camelcase 66ms
289 silly pacote range manifest for camelcase@^5.0.0 fetched in 83ms
290 silly resolveWithNewModule [email protected] checking installable status
291 http fetch GET 200 https://registry.npmjs.org/fd-slicer 69ms
292 silly pacote range manifest for fd-slicer@~1.1.0 fetched in 90ms
293 silly resolveWithNewModule [email protected] checking installable status
294 http fetch GET 200 https://registry.npmjs.org/buffer-crc32 87ms
295 silly pacote range manifest for buffer-crc32@~0.2.3 fetched in 97ms
296 silly resolveWithNewModule [email protected] checking installable status
297 http fetch GET 200 https://registry.npmjs.org/pend 47ms
298 silly pacote range manifest for pend@~1.2.0 fetched in 55ms
299 silly resolveWithNewModule [email protected] checking installable status
300 timing stage:loadIdealTree:loadAllDepsIntoIdealTree Completed in 7507ms
301 timing stage:loadIdealTree Completed in 7676ms
302 silly currentTree lib
303 silly idealTree lib
303 silly idealTree └─┬ [email protected]
303 silly idealTree   β”œβ”€β”€ @commonshost/[email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”¬ [email protected]
303 silly idealTree   β”‚ β”œβ”€β”€ [email protected]
303 silly idealTree   β”‚ β”œβ”€β”€ [email protected]
303 silly idealTree   β”‚ β”œβ”€β”€ [email protected]
303 silly idealTree   β”‚ └── [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   β”œβ”€β”€ [email protected]
303 silly idealTree   └── [email protected]
304 silly install generateActionsToTake
305 warn checkPermissions Missing write access to /home/pi/n/lib/node_modules
306 timing stage:rollbackFailedOptional Completed in 3ms
307 timing stage:runTopLevelLifecycles Completed in 8370ms
308 verbose stack Error: EACCES: permission denied, access '/home/pi/n/lib/node_modules'
309 verbose cwd /home/dohnut
310 verbose Linux 4.14.79-v7+
311 verbose argv "/home/pi/n/bin/node" "/home/pi/n/bin/npm" "install" "--global" "dohnut@latest"
312 verbose node v11.10.0
313 verbose npm  v6.7.0
314 error path /home/pi/n/lib/node_modules
315 error code EACCES
316 error errno -13
317 error syscall access
318 error Error: EACCES: permission denied, access '/home/pi/n/lib/node_modules'
318 error  { [Error: EACCES: permission denied, access '/home/pi/n/lib/node_modules']
318 error   stack:
318 error    "Error: EACCES: permission denied, access '/home/pi/n/lib/node_modules'",
318 error   errno: -13,
318 error   code: 'EACCES',
318 error   syscall: 'access',
318 error   path: '/home/pi/n/lib/node_modules' }
319 error The operation was rejected by your operating system.
319 error It is likely you do not have the permissions to access this file as the current user
319 error
319 error If you believe this might be a permissions issue, please double-check the
319 error permissions of the file and its containing directories, or try running
319 error the command again as root/Administrator (though this is not recommended).
320 verbose exit [ -13, true ]
pi@raspberrypi:~ $```

Taking a look NPM looks like it gets installed in the pi user's home directory even though the Dohnut user is getting specified. This may be the expected output of the command?

`pi@raspberrypi:~ $ ls`
`n`

Double checking the install output to verify that `n` gets installed in the pi user home.

```pi@raspberrypi:/home/dohnut $ sudo -u dohnut curl -L https://git.io/n-install | bash -s -- -y latest
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100 39430  100 39430    0     0  55585      0 --:--:-- --:--:-- --:--:-- 55585
-- Cloning https://github.com/tj/n to '/home/pi/n/n/.repo'...
-- Running local n installation to '/home/pi/n/bin'...
-- Shell initialization file '/home/pi/.bashrc' updated.
-- Installing helper scripts in '/home/pi/n/bin'...
-- Installing the requested Node.js version(s)...
   1 of 1: latest...

     install : node-v11.10.0
       mkdir : /home/pi/n/n/versions/node/11.10.0
       fetch : https://nodejs.org/dist/v11.10.0/node-v11.10.0-linux-armv7l.tar.gz
######################################################################## 100.0%
   installed : v11.10.0

=== n successfully installed.
  The active Node.js version is: v11.10.0

  Run `n -h` for help.
  To update n later, run `n-update`.
  To uninstall, run `n-uninstall`.

  IMPORTANT: OPEN A NEW TERMINAL TAB/WINDOW or run `. /home/pi/.bashrc`
             before using n and Node.js.
===```

Support TXT resolver-associated-doh.arpa

Allow DoH-capable clients to discover an upstream DoH service used by the Dohnut proxy/stub resolver.

Associating a DoH Server with a Resolver

2.1. DoH Servers by TXT

To find the DoH Servers associated with a resolver, an application
sends that resolver a query for "resolver-associated-doh.arpa" in
class IN with the RRtype of TXT [RFC1035] (that is, the query is
resolver-associated-doh.arpa/IN/TXT).

As described in Section 6, the zone resolver-associated-doh.arpa is
not actually delegated and never will be. The resolver acts as if it
is delegated, and adds its own TXT records to the answer. The
resolver replies with its associated DoH servers as URI templates in
the TXT RRset in the Answer section. The resolver can generate this
reply with special code to capture queries for "resolver-associated-
doh.arpa"; if the resolver can be configured to also be authoritative
for some zones, it can use that configuration to actually be
authoritative for "resolver-associated-doh.arpa".

A resolver that understands this protocol MUST send a TXT RRset in
the Answer section. Each TXT record contains one URI template. If a
resolver that understands this protocol has no associated DoH
servers, the TXT RRset contains exactly one record that has an empty
string as the RDATA; that is, the RDLENGTH in that record is 1, and
the RDATA contains just the byte 0x00.

The client uses the TXT records in the response to the resolver-
associated-doh.arpa/IN/TXT query as a list of the URI templates of
the DoH servers associated with the resolver. Note that TXT records
can contain multiple "character-strings" [RFC1035]; for this
protocol, all characters-strings in a TXT record are concatenated to
form a single URI template.

The URI templates of the DoH servers associated with a resolver might
be hosted on the resolver itself, or a resolver hosted by the same
operator, or even hosted somewhere else. The latter could be used by
resolver operators who don't want to host DoH servers but trust
another operator to do so.

Add DNS sinkhole capabilities

We want to support block lists. If a query matches, then return the mapped response (without even relaying to the DOH server).

dohnut.service: Main process exited, code=exited, status=1/FAILURE

Hi. Trying to get this working on a Rasperry Pi 3 B+ running the latest Raspian OS. Followed the instructions for setting up Dohnut with systemd (https://help.commons.host/dohnut/systemd/), systemctl status dohnut.socket shows the socket is active, systemctl status dohnut.service shows the status as "activating" (rather than active):

$ systemctl status dohnut.service
● dohnut.service - Dohnut DNS over HTTPS proxy
  Loaded: loaded (/etc/systemd/system/dohnut.service; static; vendor preset: enabled)
  Active: activating (start) since Wed 2021-02-03 11:35:25 EST; 1s ago
Main PID: 23024 (node)
   Tasks: 7 (limit: 2063)
  CGroup: /system.slice/dohnut.service
          └─23024 npm

Test dig fails with:

$ dig @127.0.0.1 -p 53000 example.com

; <<>> DiG 9.11.5-P4-5.1+deb10u2-Raspbian <<>> @127.0.0.1 -p 53000 example.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

Error log:

Feb 03 09:42:05 raspberrypi systemd[1]: Starting Dohnut DNS over HTTPS proxy...
Feb 03 09:42:08 raspberrypi dohnut[30609]: Trace: Error: Cannot collect fds meant for pid 30609 in pid 30621
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at Object.module.exports.collect (/home/dohnut/n/lib/node_modules/dohnut/node_modules/socket-activation/src/systemd.js:32:11)
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at parseOptions (/home/dohnut/n/lib/node_modules/dohnut/source/cli.js:78:43)
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at main (/home/dohnut/n/lib/node_modules/dohnut/source/cli.js:213:25)
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at Object.<anonymous> (/home/dohnut/n/lib/node_modules/dohnut/source/cli.js:251:1)
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at Module._compile (node:internal/modules/cjs/loader:1108:14)
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at Object.Module._extensions..js (node:internal/modules/cjs/loader:1137:10)
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at Module.load (node:internal/modules/cjs/loader:973:32)
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at Function.Module._load (node:internal/modules/cjs/loader:813:14)
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at Module.require (node:internal/modules/cjs/loader:997:19)
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at require (node:internal/modules/cjs/helpers:92:18)
Feb 03 09:42:08 raspberrypi dohnut[30609]:     at /home/dohnut/n/lib/node_modules/dohnut/source/cli.js:254:13
Feb 03 09:42:08 raspberrypi dohnut[30609]: npm ERR! code 1
Feb 03 09:42:08 raspberrypi dohnut[30609]: npm ERR! path /home/dohnut
Feb 03 09:42:08 raspberrypi dohnut[30609]: npm ERR! command failed
Feb 03 09:42:08 raspberrypi dohnut[30609]: npm ERR! command sh -c dohnut "--config" "/etc/dohnut/options.json"
Feb 03 09:42:08 raspberrypi dohnut[30609]: npm ERR! A complete log of this run can be found in:
Feb 03 09:42:08 raspberrypi dohnut[30609]: npm ERR!     /home/dohnut/.npm/_logs/2021-02-03T14_42_08_246Z-debug.log
Feb 03 09:42:08 raspberrypi systemd[1]: dohnut.service: Main process exited, code=exited, status=1/FAILURE
Feb 03 09:42:08 raspberrypi systemd[1]: dohnut.service: Failed with result 'exit-code'.

Any ideas what the problem might be?

Problems with PiHole

Hello,

Thanks for a good software!
But I'm having problems running it with pihole.

I have a DoT local DoT proxy forwarding/translating incoming requests from 853 to Pihole which has upstream 1.1.1.1 it works fine.

When using Dohnut in docker, run with this command
docker run --detach --restart unless-stopped --publish 0.0.0.0:531:53/udp commonshost/dohnut --listen 0.0.0.0:53 --doh commonshost --bootstrap 1.1.1.1
It works fine on its own, dig @localhost github.com -p 531 gets a reply.

However, when setting the upstream in pihole to 127.0.0.1#531 i only get this kind of errors in the pihole log.

Dec  5 16:51:39 dnsmasq[31475]: query[A] play.google.com from 127.0.0.1
Dec  5 16:51:39 dnsmasq[31475]: config error is REFUSED

Any idea what could be the issue? :(
Thanks in advance for your time!

Can not use multiple bootstrap values when using environment variables

If you use environment variables to set the bootstrap parameter it will throw an error when trying to query the server. Even though this exact variable is used as an example in the documentation.

steps to reproduce

docker run --net=host -e DOHNUT_BOOTSTRAP="1.1.1.1 8.8.8.8" commonshost/dohnut --listen 0.0.0.0:5553 --doh commonshost Started listening on 0.0.0.0:5553 (udp4)
systemd notifications and heartbeat are unavailable
Selected https://commons.host
Worker 1: connecting to https://commons.host

events.js:186
      throw er; // Unhandled 'error' event
      ^
TypeError [ERR_INVALID_IP_ADDRESS]: Invalid IP address: 1.1.1.1 8.8.8.8
    at internal/dns/utils.js:87:13
    at Array.forEach (<anonymous>)
    at Resolver.setServers (internal/dns/utils.js:51:13)
    at lookupCustomDnsServers (/app/source/worker.js:118:12)
    at MessagePort.<anonymous> (/app/source/worker.js:216:24)
    at MessagePort.emit (events.js:209:13)
    at MessagePort.onmessage (internal/worker/io.js:70:8)
Emitted 'error' event on Worker instance at:
    at Worker.[kOnErrorMessage] (internal/worker.js:176:10)
    at Worker.[kOnMessage] (internal/worker.js:186:37)
    at MessagePort.<anonymous> (internal/worker.js:118:57)
    at MessagePort.emit (events.js:209:13)
    at MessagePort.onmessage (internal/worker/io.js:70:8)

try to resolve google with
nslookup -port=5553 google.com 127.0.0.1

solution

Add bootstrap to list of parameters that are allowed to be multiples in cli.js

Pull request is incoming and adds a docker-compose example to the docs.

Debian on vps error: socket name does not exist; No local DNS listeners specified

Hi,
I am trying to run dohnut on debian 10. I set everything up according to https://github.com/commonshost/dohnut/tree/master/docs/systemd

The service crashes when I start it using: dig @127.0.0.1 -p 53000 example.com
I get an error message: url cannot be reached.

$ journalctl -f -n 100 -u dohnut
May 15 23:38:53 systemd[1]: dohnut.service: Main process exited, code=exited, status=1/FAILURE
May 15 23:38:53 systemd[1]: dohnut.service: Failed with result 'exit-code'.
May 15 23:38:53 systemd[1]: Failed to start Dohnut DNS over HTTPS proxy.
May 15 23:38:53 systemd[1]: dohnut.service: Service RestartSec=100ms expired, scheduling restart.
May 15 23:38:53 systemd[1]: dohnut.service: Scheduled restart job, restart counter is at 4.
systemd[1]: Stopped Dohnut DNS over HTTPS proxy.
systemd[1]: Starting Dohnut DNS over HTTPS proxy...
dohnut[3124]: The socket name specified does not exist
dohnut[3124]: Trace: Error: No local DNS listeners specified.
dohnut[3124]: at parseOptions (/home/dohnut/n/lib/node_modules/dohnut/source/cli.js:99:11)
dohnut[3124]: at main (/home/dohnut/n/lib/node_modules/dohnut/source/cli.js:201:25)
dohnut[3124]: at Object. (/home/dohnut/n/lib/node_modules/dohnut/source/cli.js:240:1)
dohnut[3124]: at Module._compile (internal/modules/cjs/loader.js:1176:30)
dohnut[3124]: at Object.Module._extensions..js (internal/modules/cjs/loader.js:1196:10)
dohnut[3124]: at Module.load (internal/modules/cjs/loader.js:1040:32)
dohnut[3124]: at Function.Module._load (internal/modules/cjs/loader.js:929:14)
dohnut[3124]: at Module.require (internal/modules/cjs/loader.js:1080:19)
dohnut[3124]: at require (internal/modules/cjs/helpers.js:72:18)
dohnut[3124]: at Object. (/home/dohnut/n/lib/node_modules/dohnut/source/bin.js:5:1)
dohnut[3124]: at /home/dohnut/n/lib/node_modules/dohnut/source/cli.js:243:13
systemd[1]: dohnut.service: Main process exited, code=exited, status=1/FAILURE

I am not sure what went wrong, it's probably to do with slight differences between ubuntu and debian, but I've no clue what command has to be changed.

Reinforcement learning

The DNS queries are currently randomly assigned across a single connection. This is sub-optimal.

Would be better to track the latency of past queries. Even a small number of samples like 10 RTTs per connection should give a meaningful median time as performance benchmark. Assigning a small percentage of queries to random connection is enough to keep feeding the learning loop. These random samples could even be sent out in parallel to avoid the cost of misallocation to slower connections, which would otherwise affect the p95+ performance.

Use AltSvc frames to discover more DoH endpoints

A DoH server may send AltSvc frames to Dohnut. These should be treated as alternative connections for load balancing purposes. I.e. discover a lower latency edge server.

With GeoDNS it's not always clear which edge server is lower latency. Network distance !== map distance. For long-lived DoH connections this may provide a self-optimising solution.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.