require 'formula' class DnscryptProxy < Formula homepage 'http://dnscrypt.org' url 'http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.4.0.tar.gz' sha256 '60b57b36aa15706c4cd0c348fc59534c15913c282a2b7d4db0b3787167b33502' head do url 'https://github.com/opendns/dnscrypt-proxy.git', :branch => 'master' depends_on :autoconf depends_on :automake depends_on :libtool end option "plugins", "Support plugins and install example plugins." depends_on 'libsodium' def install system "autoreconf", "-if" if build.head? args = ["--disable-dependency-tracking", "--prefix=#{prefix}"] if build.include? "plugins" args << "--enable-plugins" args << "--enable-relaxed-plugins-permissions" args << "--enable-plugins-root" end system "./configure", *args system "make install" end def caveats; <<-EOS.undent After starting dnscrypt-proxy, you will need to point your local DNS server to 127.0.0.1. You can do this by going to System Preferences > "Network" and clicking the "Advanced..." button for your interface. You will see a "DNS" tab where you can click "+" and enter 127.0.0.1 in the "DNS Servers" section. By default, dnscrypt-proxy runs on localhost (127.0.0.1), port 53, and under the "nobody" user using the default OpenDNS DNSCrypt-enabled resolver. If you would like to change these settings (e.g., switching to a DNSCrypt-enabled resolver with DNSSEC support), you will have to edit the plist file (e.g., --resolver-address, --provider-name, --provider-key, etc.) To check that dnscrypt-proxy is working correctly, open Terminal and enter the following command: dig txt debug.opendns.com You should see a line in the result that looks like this: debug.opendns.com. 0 IN TXT "dnscrypt enabled (......)" Note: This will only work if you are using the default OpenDNS DNSCrypt-enabled resolver. If you are using a different resolver, you can use a tool like tcpdump to verify that everything is working correctly. EOS end plist_options :startup => true def plist; <<-EOS.undent Label #{plist_name} KeepAlive RunAtLoad ProgramArguments #{opt_sbin}/dnscrypt-proxy --user=nobody --resolver-name=opendns UserName root StandardErrorPath /dev/null StandardOutPath /dev/null EOS end end