From 12c07fc3f99ce425e72fa6c0f690c8a84ef8c04e Mon Sep 17 00:00:00 2001
From: Derek Su <derek.su@suse.com>
Date: Mon, 18 Oct 2021 13:39:32 +0800
Subject: [PATCH] Fix generic/ubuntu dns

https://github.com/lavabit/robox/issues/54
---
 Vagrantfile                       |  8 +++++-
 scripts/fix.generic-ubuntu-dns.sh | 44 +++++++++++++++++++++++++++++++
 2 files changed, 51 insertions(+), 1 deletion(-)
 create mode 100644 scripts/fix.generic-ubuntu-dns.sh

diff --git a/Vagrantfile b/Vagrantfile
index 88ae730..c17b97b 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -48,11 +48,17 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
     apt-get update -y
     apt-get install -y git vim curl build-essential openssh-server
     apt-get install -y jq open-iscsi nfs-common
-    
+
     echo "export CRI_CONFIG_FILE=/var/lib/rancher/rke2/agent/etc/crictl.yaml" >> /root/.bashrc
     echo "export PATH=$PATH:/var/lib/rancher/rke2/bin" >> /root/.bashrc
   SHELL
 
+  config.vm.provision "net",
+    type: "shell",
+    path: "scripts/fix.generic-ubuntu-dns.sh",
+    privileged: true,
+    run: "always"
+
   # Server node
   config.vm.define "#{server_hostname}" do |node|
     node.vm.hostname = "#{server_hostname}"
diff --git a/scripts/fix.generic-ubuntu-dns.sh b/scripts/fix.generic-ubuntu-dns.sh
new file mode 100644
index 0000000..2ce3e8c
--- /dev/null
+++ b/scripts/fix.generic-ubuntu-dns.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+# see:
+# https://github.com/lavabit/robox/issues/11
+# https://github.com/lavabit/robox/issues/54
+
+# exit if we are not on modern ubuntu version
+test -d /etc/netplan || exit 0
+
+# Reset netplan config, not really needed; just to clearly indicate no fixed dns is used
+tee <<EOF > /etc/netplan/01-netcfg.yaml
+network:
+  version: 2
+  renderer: networkd
+  ethernets:
+    eth0:
+      dhcp4: true
+      dhcp6: false
+      optional: true
+      nameservers:
+        addresses: []
+EOF
+netplan generate
+systemctl restart systemd-networkd.service
+systemctl restart ifplugd.service
+
+# Remove fixed DNS entries and disable DNSSEC, disable flaky caching, or emdns
+tee <<EOF > /etc/systemd/resolved.conf
+[Resolve]
+DNS=
+FallbackDNS=
+Domains=
+#LLMNR=no
+#MulticastDNS=no
+DNSSEC=no
+Cache=no
+DNSStubListener=yes
+EOF
+
+systemctl daemon-reload
+systemctl restart systemd-resolved
+
+echo "Fixed networking."
+
+# verify with: systemd-resolve --status