class DnscryptProxy < Formula homepage "http://dnscrypt.org" url "https://github.com/jedisct1/dnscrypt-proxy/releases/download/1.4.3/dnscrypt-proxy-1.4.3.tar.gz" mirror "http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.4.3.tar.gz" sha256 "f10f10c18e25ced3c5ec5d0c4145d33270f9cfa991fd1b18d5d9af00e4d9b68e" bottle do sha1 "33cb7a65e5ddd861e679a65dcfe9530e3c531b43" => :yosemite sha1 "579e4e3835a617db90740e6bc70834561e2f240b" => :mavericks sha1 "2896d20fc0671986aff1e774fdd419f9e5562b8f" => :mountain_lion end head do url "https://github.com/jedisct1/dnscrypt-proxy.git" depends_on "autoconf" => :build depends_on "automake" => :build depends_on "libtool" => :build end option "with-plugins", "Support plugins and install example plugins." deprecated_option "plugins" => "with-plugins" depends_on "libsodium" def install system "autoreconf", "-if" if build.head? args = ["--disable-dependency-tracking", "--prefix=#{prefix}"] if build.with? "plugins" args << "--enable-plugins" args << "--enable-relaxed-plugins-permissions" args << "--enable-plugins-root" end system "./configure", *args system "make", "install" end def caveats; <<-EOS.undent After starting dnscrypt-proxy, you will need to point your local DNS server to 127.0.0.1. You can do this by going to System Preferences > "Network" and clicking the "Advanced..." button for your interface. You will see a "DNS" tab where you can click "+" and enter 127.0.0.1 in the "DNS Servers" section. By default, dnscrypt-proxy runs on localhost (127.0.0.1), port 53, and under the "nobody" user using the default OpenDNS DNSCrypt-enabled resolver. If you would like to change these settings (e.g., switching to a DNSCrypt-enabled resolver with DNSSEC support), you will have to edit the plist file (e.g., --resolver-address, --provider-name, --provider-key, etc.) To check that dnscrypt-proxy is working correctly, open Terminal and enter the following command: dig txt debug.opendns.com You should see a line in the result that looks like this: debug.opendns.com. 0 IN TXT "dnscrypt enabled (......)" Note: This will only work if you are using the default OpenDNS DNSCrypt-enabled resolver. If you are using a different resolver, you can use a tool like tcpdump to verify that everything is working correctly. EOS end plist_options :startup => true def plist; <<-EOS.undent Label #{plist_name} KeepAlive RunAtLoad ProgramArguments #{opt_sbin}/dnscrypt-proxy --user=nobody --resolver-name=opendns UserName root StandardErrorPath /dev/null StandardOutPath /dev/null EOS end test do system "#{sbin}/dnscrypt-proxy", "--version" end end