rene/macbook-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

WireGuard DNS via resolvectl statt DNS= Direktive

Browse source 
wg-quick DNS= setzt catch-all (~.) ueber resolvconf, was
systemd-resolved Stub-Resolver blockiert. Flatpak-Apps (Brave,
PrusaSlicer) koennen 127.0.0.53 nicht erreichen und haben
kein DNS. Fix: PostUp/PostDown mit resolvectl fuer korrektes
Interface-basiertes DNS. resolv.conf zeigt auf stub-resolv.conf.
This commit is contained in:
rene 2026-03-13 08:54:24 +01:00
parent d98fa5530b
commit da87ac255e
3 changed files with 7 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
setup-base.sh
View file

@ -161,9 +161,9 @@ if [[ -n "$REPO_DIR" && -f "$REPO_DIR/wireguard/m${MODEL}.conf" ]]; then
cp "$REPO_DIR/wireguard/m${MODEL}.conf" /etc/wireguard/wg0.conf cp "$REPO_DIR/wireguard/m${MODEL}.conf" /etc/wireguard/wg0.conf
chmod 600 /etc/wireguard/wg0.conf chmod 600 /etc/wireguard/wg0.conf
systemctl enable wg-quick@wg0 2>/dev/null || true systemctl enable wg-quick@wg0 2>/dev/null || true
# systemd-resolved Stub funktioniert nicht mit WireGuard DNS catch-all (~.) # Stub-Resolver noetig fuer Flatpak-Apps (Brave, PrusaSlicer)
# → resolv.conf direkt auf die upstream-Server zeigen lassen # DNS wird per PostUp/PostDown in der wg-Config via resolvectl gesetzt
ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
ok "WireGuard m${MODEL}.conf → /etc/wireguard/wg0.conf" ok "WireGuard m${MODEL}.conf → /etc/wireguard/wg0.conf"
else else
warn "WireGuard: keine lokale Config gefunden — manuell einrichten" warn "WireGuard: keine lokale Config gefunden — manuell einrichten"

3
wireguard/m13.conf
View file

@ -2,7 +2,8 @@
PrivateKey = sIxh2D50+9bpWe6O6ezrfybW9Iy6QKcrwr9hmFpuGn0= PrivateKey = sIxh2D50+9bpWe6O6ezrfybW9Iy6QKcrwr9hmFpuGn0=
ListenPort = 51820 ListenPort = 51820
Address = 10.13.13.8/24 Address = 10.13.13.8/24
DNS = 10.47.11.20,10.47.11.1 PostUp = resolvectl dns %i 10.47.11.20 10.47.11.1
PostDown = resolvectl revert %i
[Peer] [Peer]
PublicKey = 7WrqHPof31gcCYMjLWPoP1EIxPR2896/3KL1pQ3YZGs= PublicKey = 7WrqHPof31gcCYMjLWPoP1EIxPR2896/3KL1pQ3YZGs=

3
wireguard/m16.conf
View file

@ -2,7 +2,8 @@
PrivateKey = OA5IiSzPglSY8GdobOYMlaOaG+QqNjHIACBRe7MvK04= PrivateKey = OA5IiSzPglSY8GdobOYMlaOaG+QqNjHIACBRe7MvK04=
ListenPort = 51820 ListenPort = 51820
Address = 10.13.13.7/24 Address = 10.13.13.7/24
DNS = 10.47.11.20,10.47.11.1 PostUp = resolvectl dns %i 10.47.11.20 10.47.11.1
PostDown = resolvectl revert %i
[Peer] [Peer]
PublicKey = J/dD1t3Bo9Zbcvxg6PvGP78kgMlL4s4yYfrUMpcoS2w= PublicKey = J/dD1t3Bo9Zbcvxg6PvGP78kgMlL4s4yYfrUMpcoS2w=