<Mic92>
Not sure yet what the best way is to get it upstream.
<andi->
Well I want it to work even on captiveportal networks. I am not very keen on downgrade protection by default. DNS encryption is another problem that should be tackled elsewhere. I am mostly keen on having a non-techy happy with resolved on their notebook while roaming between many different wifis and address families.
ckauhaus has quit [Quit: WeeChat 2.7.1]
hmpffff has joined #nixos-systemd
hmpffff has quit [Quit: nchrrrr…]
<Mic92>
andi-: The issue is that it falls-back to udp after connection errors and never upgrades to tls-over-dns at all. My server does not support port 53.
<Mic92>
andi-: I very much appreciate the android approach to portals. i.e. opening a webview that uses the DHCP's DNS. We have that in NixOS too. It's called captive-browser.
<andi->
Yeah but it requires the user to know what DNS is and why a different browser has to be started now. I would like to polish the average user case first. Starting a different browser in some situations is likely the job of Gnome/KDE/…
hmpffff has joined #nixos-systemd
<aanderse>
so i'm doing some hacky but useful stuff with tmpfiles that depends on ldap users existing... what is the best way i can have tmpfiles --create run again after nss-user-lookup.target is reached?
<aanderse>
i suppose i'm working off the assumption that tmpfiles is needed before nss-user-lookup.target... but i think thats a pretty sound assumption
lukegb is now known as nijzat
<Mic92>
aanderse: I would create a different tmpfiles file that you run after this target.
<aanderse>
<aanderse "i suppose i'm working off the as"> Mic92: cool thanks I'll give that a go