andrew on Nostr: Spent too much time making Safari and Orion open onion links on macOS. Local tor, ...
Spent too much time making Safari and Orion open onion links on macOS. Local tor, privoxy, unbound — mDNSResponder kept dropping *.onion queries.
Tracked it down to undocumented Apple code. /etc/resolver/onion did the trick on Ventura. Ugh, what a mess.
https://github.com/apple-oss-distributions/configd/blob/ebd2cef166d947659a001b076ea919351f7baf5d/Plugins/IPMonitor/controller.m#L1492-L1553
Here are the core configs:
/etc/resolver/onion:nameserver 127.0.0.1
/opt/homebrew/etc/privoxy/user.action:{+forward-override{forward-socks5t 127.0.0.1:9050 .}}
/opt/homebrew/etc/privoxy/user.action:.onion
/opt/homebrew/etc/privoxy/user.action:check.torproject.org
/opt/homebrew/etc/unbound/unbound.conf: private-domain: "onion"
/opt/homebrew/etc/unbound/unbound.conf: domain-insecure: "onion"
/opt/homebrew/etc/unbound/unbound.conf: local-zone: "onion." nodefault
/opt/homebrew/etc/unbound/unbound.conf: local-zone: "onion." redirect
/opt/homebrew/etc/unbound/unbound.conf: local-data: "onion. IN A 1.1.1.1"
Tracked it down to undocumented Apple code. /etc/resolver/onion did the trick on Ventura. Ugh, what a mess.
https://github.com/apple-oss-distributions/configd/blob/ebd2cef166d947659a001b076ea919351f7baf5d/Plugins/IPMonitor/controller.m#L1492-L1553
Here are the core configs:
/etc/resolver/onion:nameserver 127.0.0.1
/opt/homebrew/etc/privoxy/user.action:{+forward-override{forward-socks5t 127.0.0.1:9050 .}}
/opt/homebrew/etc/privoxy/user.action:.onion
/opt/homebrew/etc/privoxy/user.action:check.torproject.org
/opt/homebrew/etc/unbound/unbound.conf: private-domain: "onion"
/opt/homebrew/etc/unbound/unbound.conf: domain-insecure: "onion"
/opt/homebrew/etc/unbound/unbound.conf: local-zone: "onion." nodefault
/opt/homebrew/etc/unbound/unbound.conf: local-zone: "onion." redirect
/opt/homebrew/etc/unbound/unbound.conf: local-data: "onion. IN A 1.1.1.1"