matrix-org / synapse

Synapse: Matrix homeserver written in Python/Twisted.
https://matrix-org.github.io/synapse
Apache License 2.0

Wish: override `resolv.conf` with custom resolvers #10979

Open MTRNord opened 3 years ago

MTRNord commented 3 years ago

Preamble

As described in https://matrix.to/#/!XaqDhxuTIlvldquJaV:matrix.org/$m59cU5FR-fl6Rhl8132sdgoqHTZDBmXAEf2KP9FPXAc?via=matrix.org&via=vector.modular.im&via=beeper.com I am currently looking at opennic integration for synapse.

The idea is simple: have a config flag in synapse that makes synapse, in addition to the system-wide servers, also check fed on the opennic dns servers.

OpenNic can be found at https://www.opennic.org

Please note I am in no way a direct representative of that project but instead I am simply a user of it and matrix. (Mentioning this to avoid the feeling of having a conflict of interest)

Why having Opennic in Synapse makes sense while TOR doesn't get integrated

OpenNic is a project providing a community maintained and free root dns zone. This in my opinion fits very much the motive Matrix as a protocol has. It achieves an open, not money based, and federated DNS network in which everyone can participate for free.

While TOR does provide something similar, the Opennic project doesn't require any special setup apart from setting a different DNS server. So the integration usually is as easy as editing /etc/resolv.conf.

So you may ask why synapse should integrate this.

The reason I think it is good is simple: It lowers the barrier needed to make it possible to properly federate with people using opennic domains. Usually you need a jump server for that as other servers will never be able to access the domain without additional setup which would even affect the whole server. By making it an option in synapse it a) would not affect the whole system b) people know it is available but are not forced to support it c) Turning a config flag is done faster as you do not have to figure out which dns server to use.

Additional notes:

This issue is primarily an open discussion at this time on whether this even makes sense to have, as this is likely controversial. Especially as it may or may not be a biggish diff for the code of synapse to add a fallback dns to the regular resolving on federation.

My personal wish is this would fit the motive of matrix quite well and is much easier to support than TOR.

richvdh commented 3 years ago

> So the integration usually is as easy as editing /etc/resolv.conf.

I must be missing something here. If integration is as easy as editing /etc/resolv.conf, why don't you just... edit /etc/resolv.conf ?

ShadowJonathan commented 3 years ago

There's a problem with that when it comes to containers, as resolv.conf is managed by docker, and usually also RO.

This is about direct application integration, if I'm looking at it correctly.

MTRNord commented 3 years ago

> > So the integration usually is as easy as editing /etc/resolv.conf.
>
> I must be missing something here. If integration is as easy as editing /etc/resolv.conf, why don't you just... edit /etc/resolv.conf ?

Exactly what @ShadowJonathan says but also the possibility to have this only enabled within synapse/matrix without having to change it globally for your system. Because global changes may for example not be wanted if you have a local DNS running for extra stuff where this may (or may not) get problematic due to the different root zone.

richvdh commented 3 years ago

ok, so this could be rephrased as "option to override resolv.conf with custom resolvers" rather than necessarily being specific to opennic?

MTRNord commented 3 years ago

> ok, so this could be rephrased as "option to override resolv.conf with custom resolvers" rather than necessarily being specific to opennic?

Yes that would also be fine with me :) that would also be inclusive with other stuff. This mainly was opennic specific as that from my view had a direct matrix benefit :)
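
The per-application fallback requested in this thread, as an added example (not Synapse code and not part of any comment above): queries go straight to a configured list of resolvers instead of `/etc/resolv.conf`, and those resolvers are consulted only for names the system resolver cannot answer, so they cannot override names that already resolve. All function and parameter names are hypothetical, and only A records over UDP are handled.

```python
import contextlib, secrets, socket, struct
# Added example; every function name here is hypothetical, not a Synapse API.
def build_query(name, qid):
    """Encode a recursive A/IN query in RFC 1035 wire format."""
    labels = name.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def _skip_name(msg, off):
    while msg[off] and msg[off] & 0xC0 != 0xC0:  # plain labels
        off += msg[off] + 1
    return off + (2 if msg[off] else 1)  # compression pointer or root label

def parse_response(msg, qid):
    """Return (rcode, [IPv4 addresses]); reject replies that do not match qid."""
    rid, flags, qd, an = struct.unpack_from("!HHHH", msg)
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    off, addrs = 12, []
    for _ in range(qd):
        off = _skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        if (rtype, rclass, rdlen) == (1, 1, 4):  # A record, class IN
            addrs.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return flags & 0x000F, addrs

def query_server(name, server, timeout=3.0):
    """Ask one configured resolver over UDP, without consulting /etc/resolv.conf."""
    qid = secrets.randbelow(65536)  # unpredictable query ID
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, 53))  # connected socket: replies from other hosts are dropped
        s.send(build_query(name, qid))
        return parse_response(s.recv(4096), qid)

def resolve_with_fallback(name, system_lookup, extra_servers, query=query_server):
    """System resolver first; extra resolvers only for names it cannot answer."""
    with contextlib.suppress(OSError):  # socket.gaierror is an OSError
        return system_lookup(name), "system"
    for server in extra_servers:
        try:
            rcode, addrs = query(name, server)
        except (OSError, ValueError, IndexError, struct.error):
            continue  # unreachable or malformed: try the next resolver
        if rcode == 0 and addrs:
            return addrs, server
    return [], None
```

The second element of the result names which resolver answered, which is worth logging so operators can see when a federation destination was resolved outside the system's DNS configuration.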