path: root/README.md

# 0TDNS - Zero Trust DNS
A way to control name resolution

First - get some openvpn config; http://vpngate.net seems like a good place to go

ACHTUNG! Openvpn configs can be malicious and can execute arbitrary commands on
your system! Always look into the config before using it :)

Now let's say you want to run `ping fsf.org` through openvpn connection.
Let's say `conf.ovpn` is your openvpn config file.
First, install relevant scripts on your system

    # ./install.sh

You can also install to an arbitrary directory
(0tdns won't run from there, however; this is just to make things easier for
distro packagers or to install in a chroot)

    # ./install.sh /path/to/installation/root

The `install.sh` script above only copies some files to the filesystem.
You also need some setup, which is done with

    # ./setup.sh

For now, the `setup.sh` script creates a `0tdns` user in the system
and adds an entry in root's crontab. Some other setup-related stuff
might be added to it later.

One might wonder why there isn't a single script to install files and
setup the system? The reason is, again, to make things easier for distros.
Packager would install software to a directory and make a package from it
(using appropriate tools, of course). They would use commands from
`setup.sh` to create a script, that is attached to the package and run
at installation.

Now, execute:

    # ./vpn_wrapper.sh conf.ovpn ping fsf.org

the wrapper shall create an openvpn connection and a network namespace with
all packets (except those to localhost) routed through the vpn. It then executes
given command inside the namespace.

For now - this is all that can be simply tried out. Other parts of the project
work with database.

For other half (database creation and front-end) check https://github.com/kamsza/io_django

You can remove te user nad crontab entry with

    # ./uninstall.sh

To do this and also remove files, run

    # ./uninstall.sh --delete-files