From b6f018a2b1d345729571b75b580e287f06d24f8f Mon Sep 17 00:00:00 2001
From: ColorfulRhino <131405023+ColorfulRhino@users.noreply.github.com>
Date: Thu, 20 Jun 2024 16:31:49 +0200
Subject: [PATCH] net: Use resolved for DNS resolution

- Use resolved no matter what manages the network (networkd or NetworkManager)
- Use resolved.conf.d/ directory to set DNS as recommended by resolved itself
- In armbian-firstrun, remove config specific to mvebu64|mt7623 since this is now done by default
---
 extensions/network/net-network-manager.sh         |  7 +++++++
 extensions/network/net-systemd-neworkd.sh         |  5 ++---
 lib/functions/rootfs/distro-specific.sh           | 13 ++++++++++++-
 lib/functions/rootfs/post-tweaks.sh               | 15 +++++----------
 .../bsp/common/usr/lib/armbian/armbian-firstrun   |  9 ---------
 5 files changed, 26 insertions(+), 23 deletions(-)

diff --git a/extensions/network/net-network-manager.sh b/extensions/network/net-network-manager.sh
index f97a368b4b..a6b4d42a80 100644
--- a/extensions/network/net-network-manager.sh
+++ b/extensions/network/net-network-manager.sh
@@ -19,7 +19,14 @@ function add_host_dependencies__install_network_manager() {
 function pre_install_kernel_debs__configure_network_manager() {
 	display_alert "Extension: ${EXTENSION}: Enabling Network-Manager" "" "info"
 
+	# Enable resolved
+	# Very likely not needed to enable manually since resolved is enabled by default
+	# NetworkManager can use systemd-resolved as a DNS resolver and cache.
+	# systemd-resolved will be used automatically if /etc/resolv.conf is a symlink to /run/systemd/resolve/stub-resolv.conf (source: https://wiki.archlinux.org/title/NetworkManager)
+	chroot_sdcard systemctl enable systemd-resolved.service || display_alert "Failed to enable systemd-resolved.service" "" "wrn"
+
 	# We can't disable/mask systemd-networkd.service since it is required by Netplan
+	# There shouldn't be any conflicts since Netplan is configured in such a way that NetworkManager manages all network devices
 
 	# Most likely we don't need to wait for nm to get online
 	chroot_sdcard systemctl disable NetworkManager-wait-online.service
diff --git a/extensions/network/net-systemd-neworkd.sh b/extensions/network/net-systemd-neworkd.sh
index 747afb04e8..779f2baa65 100644
--- a/extensions/network/net-systemd-neworkd.sh
+++ b/extensions/network/net-systemd-neworkd.sh
@@ -10,10 +10,9 @@ function pre_install_kernel_debs__configure_systemd_networkd()
 {
 	display_alert "Extension: ${EXTENSION}: Enabling systemd-networkd" "" "info"
 
-	# Enable networkd
+	# Enable networkd and resolved
+	# Very likely not needed to enable manually since these services are enabled by default
 	chroot_sdcard systemctl enable systemd-networkd.service || display_alert "Failed to enable systemd-networkd.service" "" "wrn"
-
-	# Enable resolved too
 	chroot_sdcard systemctl enable systemd-resolved.service || display_alert "Failed to enable systemd-resolved.service" "" "wrn"
 
 	# Copy network config files into the appropriate folders
diff --git a/lib/functions/rootfs/distro-specific.sh b/lib/functions/rootfs/distro-specific.sh
index 06f766be06..63e8c7a3d3 100644
--- a/lib/functions/rootfs/distro-specific.sh
+++ b/lib/functions/rootfs/distro-specific.sh
@@ -43,8 +43,19 @@ function install_distribution_specific() {
 
 	# Set DNS server if systemd-resolved is in use
 	if [[ -n "$NAMESERVER" && -f "${SDCARD}"/etc/systemd/resolved.conf ]]; then
-		sed -i "s/#DNS=.*/DNS=$NAMESERVER/g" "${SDCARD}"/etc/systemd/resolved.conf
 		display_alert "Setup DNS server for systemd-resolved" "${NAMESERVER}" "info"
+
+		# Use resolved.conf.d/ directory as recommended by resolved itself
+		mkdir -p "${SDCARD}"/etc/systemd/resolved.conf.d/
+
+		cat <<- EOF > "${SDCARD}"/etc/systemd/resolved.conf.d/00-armbian-default-dns.conf
+			# Added by Armbian
+			#
+			# See resolved.conf(5) for details
+
+			[Resolve]
+			DNS=${NAMESERVER}
+		EOF
 	fi
 
 	# cleanup motd services and related files
diff --git a/lib/functions/rootfs/post-tweaks.sh b/lib/functions/rootfs/post-tweaks.sh
index 2d76ddee8b..f714a30841 100644
--- a/lib/functions/rootfs/post-tweaks.sh
+++ b/lib/functions/rootfs/post-tweaks.sh
@@ -13,15 +13,11 @@ function post_debootstrap_tweaks() {
 	# adjust tzselect to improve political correctness
 	sed -i "s/Please select a country/Please select a country or a region/g" "${SDCARD}"/usr/bin/tzselect
 
-	# activate systemd-resolved, if not using NetworkManager
-	if [[ ! -f "${SDCARD}"/etc/NetworkManager/NetworkManager.conf ]]; then
-		if [[ -d "${SDCARD}"/etc/systemd/network ]]; then
-			display_alert "Activating systemd-resolved" "Symlink resolv.conf to systemd-resolved's" "debug"
-			run_host_command_logged rm -fv "${SDCARD}"/etc/resolv.conf
-			# The method of symlinking to /run/systemd/resolve/stub-resolv.conf is recommended, see https://www.man7.org/linux/man-pages/man8/systemd-resolved.service.8.html
-			run_host_command_logged ln -s /run/systemd/resolve/stub-resolv.conf "${SDCARD}"/etc/resolv.conf
-		fi
-	fi
+	# activate systemd-resolved
+	display_alert "Activating systemd-resolved" "Symlinking /etc/resolv.conf to /run/systemd/resolve/stub-resolv.conf" "debug"
+	run_host_command_logged rm -fv "${SDCARD}"/etc/resolv.conf
+	# The method of symlinking to /run/systemd/resolve/stub-resolv.conf is recommended, see https://www.man7.org/linux/man-pages/man8/systemd-resolved.service.8.html
+	run_host_command_logged ln -s /run/systemd/resolve/stub-resolv.conf "${SDCARD}"/etc/resolv.conf
 
 	# remove service start blockers
 	run_host_command_logged rm -fv "${SDCARD}"/sbin/initctl "${SDCARD}"/sbin/start-stop-daemon
@@ -37,5 +33,4 @@ function post_debootstrap_tweaks() {
 		Last chance to touch the `${SDCARD}` filesystem before it is copied to the final media.
 		It is too late to run any chrooted commands, since the supporting filesystems are already unmounted.
 	POST_POST_DEBOOTSTRAP_TWEAKS
-
 }
diff --git a/packages/bsp/common/usr/lib/armbian/armbian-firstrun b/packages/bsp/common/usr/lib/armbian/armbian-firstrun
index 21074019f5..4bfdbb9343 100755
--- a/packages/bsp/common/usr/lib/armbian/armbian-firstrun
+++ b/packages/bsp/common/usr/lib/armbian/armbian-firstrun
@@ -111,15 +111,6 @@ case "$1" in
 			echo heartbeat >/sys/class/leds/*red*/trigger 2>/dev/null || echo heartbeat >/sys/class/leds/*blue*/trigger 2>/dev/null
 			;;
 
-		mvebu64|mt7623)
-			# configure/enable/start systemd-networkd
-			systemctl start systemd-networkd.service
-			systemctl start systemd-resolved.service
-			systemctl enable systemd-networkd.service
-			systemctl enable systemd-resolved.service
-			ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
-			systemctl restart systemd-networkd
-			;;
 		x86|arm64)
 			[[ -n "$(dmesg | grep "No NVIDIA GPU found")" ]] && sudo apt-get -y -qq purge nvidia-dkms-510 nvidia-driver-510 nvidia-settings nvidia-common >> /dev/null
 		;;