add dnsmasq instructions for DNS override

docs/dnsmasq.md

@@ -0,0 +1,80 @@
+# DNSMasq
+A simple and lightweight DNS and DHCP server for local development.
+
+Personally I have only yet used this to circumvent NAT Loopback issues with my router, but it can be used for much more.
+
+## Installation
+It's a simple
+```sh
+pacman -S dnsmasq
+```
+
+### Configuration
+
+We need to disable the systemd-resolved service, as it will conflict with DNSMasq.
+Afterwards we can start the DNSMasq service.
+```sh
+systemctl disable systemd-resolved.service
+systemctl stop systemd-resolved.service
+systemctl enable --now dnsmasq.service
+```
+
+We can now look into the configuration file at `/etc/dnsmasq.conf` and make changes to our liking.
+
+```conf
+listen-address=::1,127.0.0.1,192.168.1.1
+```
+
+More cached DNS queries:
+```conf
+cache-size=1000
+```
+(max 10000)
+
+
+DNSSec validation:
+```conf
+conf-file=/usr/share/dnsmasq/trust-anchors.conf
+dnssec
+```
+
+## DNS Forwarding
+We will most likely not have all wanted DNS entries ourselves and should look these up on a different server.
+We can do this by chaning `/etc/resolv.conf` to the following:
+```conf
+nameserver ::1
+nameserver 127.0.0.1
+options trust-ad
+```
+If we want Networkmanager to not overwrite this file, we can set it to immutable:
+```sh
+chattr +i /etc/resolv.conf
+```
+then restart Networkmanager:
+```sh
+systemctl restart NetworkManager.service
+```
+
+Now add your upstream DNS servers to `/etc/dnsmasq.conf`:
+```conf
+no-resolv
+
+# Google's nameservers, for example
+server=8.8.8.8
+server=8.8.4.4
+```
+
+## Address Overrides
+For NAT Loopback we need to override the DNS entries for our local network.
+For example if we want to direct `cloud.example.com` to our server directly, we can add the following to `/etc/dnsmasq.conf`:
+```conf
+address=/cloud.example.com/192.168.1.2
+```
+adjust the IP address to your setup.
+
+After restarting the dnsmasq service, we can check if the DNS entry is correct:
+```sh
+drill cloud.example.com
+```
+
+You can now set this DNS server as your primary DNS server in your router or on your local machine.

docs/nextcloud.md

@@ -252,12 +252,12 @@ You might see in your admin overview (https://cloud.example.com/settings/admin/o
 Your remote address was identified as "192.168.1.1" and is bruteforce throttled at the moment slowing down the performance of various requests. If the remote address is not your address this can be an indication that a proxy is not configured correctly. Further information can be found in the documentation ↗.
 
 This is because Nextcloud is not able to detect the specific local machine you're connecting from and hence throttles all local connections.
-The underlying issue is not Nextcloud but your Network setup, specifically your router.
+The underlying issue is not Nextcloud but your Network setup, specifically your router not allowing for the disabling of NAT Loopback.
 Discussion of this problem can be found here: https://help.nextcloud.com/t/all-lan-ips-are-shown-as-the-router-gateway-how-can-i-get-the-actual-ip-address/134872
 
 Your solution: Set up a local DNS server and resolve your domain to your local IP address, not the public one.
-
-TODO
+A simple appraoch would be to use dnsmasq for this.
+See [my dnsmasq.md](./dnsmasq.md) for more details on how to set this up.
 
 ## Syncing files with Nextcloud
 They GUI for syncing is surprisingly unusable, luckily the CLI is much better.

index.md

@@ -29,6 +29,7 @@ Happy to accept pull requests for new topics!
 - [docker](docs/docker.md) General tips and tricks around the container manager
 - [Searx](docs/Searx.md) A meta searchengine which respects privacy. Arch setup guide.
 - [Nextcloud](docs/Nextcloud.md) A self-hosted cloud solution. Installation (on Arch), configuration, and usage tips.
+- [dnsmasq](docs/dnsmasq.md) A lightweight DNS server with DHCP and TFTP support.
 
 =======
 - [calcurse sync](docs/calDAV.md) Sync calcurse with you phone etc.