From 984332b22cbb921e18286ed4dd2717cde83d5679 Mon Sep 17 00:00:00 2001 From: "Aleksey @soar Smyrnov" Date: Tue, 12 Jul 2022 14:32:45 -0400 Subject: [PATCH 1/2] `SUBSPACE_CLIENT_NAMESERVERS` variable to define a custom list of nameservers to be included in configs --- README.md | 3 +++ cmd/subspace/handlers.go | 38 ++++++++++++++++++++++++-------------- 2 files changed, 27 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 09951b7f..37cf2d3a 100644 --- a/README.md +++ b/README.md @@ -133,6 +133,7 @@ $ subspace --http-host subspace.example.com | `SUBSPACE_THEME` | `green` | The theme to use, please refer to [semantic-ui](https://semantic-ui.com/usage/theming.html) for accepted colors | | `SUBSPACE_BACKLINK` | `/` | The page to set the home button to | | `SUBSPACE_DISABLE_DNS` | `false` | Whether to disable DNS so the client uses their own configured DNS server(s). Consider disabling DNS server, if supporting international VPN clients | +| `SUBSPACE_CLIENT_NAMESERVERS` | `false` | List of custom DNS servers to include in the user config | | `SUBSPACE_PERSISTENT_KEEPALIVE` | `0` | Whether PersistentKeepalive should be enabled for clients (seconds) | ### Run as a Docker container @@ -183,6 +184,8 @@ If you want to run the vpn on a different domain as the http host you can set `- Use `--env SUBSPACE_DISABLE_DNS=1` to make subspace generate WireGuard configs without the `DNS` option, preserving the user's DNS servers. +As an alternative, you can pass a list of preferred DNS servers in the `SUBSPACE_CLIENT_NAMESERVERS` variable (e.g. `--env SUBSPACE_CLIENT_NAMESERVERS="8.8.8.8,1.1.1.1"`). + ```bash # Your data directory should be bind-mounted as `/data` inside the container using the `--volume` flag. diff --git a/cmd/subspace/handlers.go b/cmd/subspace/handlers.go index ae7ff25e..5b4153a0 100644 --- a/cmd/subspace/handlers.go +++ b/cmd/subspace/handlers.go 
@@ -462,6 +462,10 @@ func profileAddHandler(w *Web) {
 if shouldDisableDNS := getEnv("SUBSPACE_DISABLE_DNS", "0"); shouldDisableDNS == "1" {
 disableDNS = true
 }
+ clientNameServers := ""
+ if useClientNameServers := getEnv("SUBSPACE_CLIENT_NAMESERVERS", "nil"); useClientNameServers != "nil" {
+ clientNameServers = useClientNameServers
+ }
 persistentKeepalive := "0"
 if keepalive := getEnv("SUBSPACE_PERSISTENT_KEEPALIVE", "nil"); keepalive != "nil" {
 persistentKeepalive = keepalive
@@ -484,8 +488,12 @@ cat <clients/{{$.Profile.ID}}.conf
 [Interface]
 PrivateKey = ${wg_private_key}
 {{- if not .DisableDNS }}
+{{- if .ClientNameServers }}
+DNS = {{.ClientNameServers}}
+{{- else }}
 DNS = {{if .Ipv4Enabled}}{{$.IPv4Gw}}{{end}}{{if .Ipv6Enabled}}{{if .Ipv4Enabled}},{{end}}{{$.IPv6Gw}}{{end}}
 {{- end }}
+{{- end }}
 Address = {{if .Ipv4Enabled}}{{$.IPv4Pref}}{{$.Profile.Number}}/{{$.IPv4Cidr}}{{end}}{{if .Ipv6Enabled}}{{if .Ipv4Enabled}},{{end}}{{$.IPv6Pref}}{{$.Profile.Number}}/{{$.IPv6Cidr}}{{end}}

 [Peer]
@@ -497,20 +505,21 @@ PersistentKeepalive = {{$.PersistentKeepalive}}
 WGCLIENT
 `
 _, err = bash(script, struct {
- Profile Profile
- EndpointHost string
- Datadir string
- IPv4Gw string
- IPv6Gw string
- IPv4Pref string
- IPv6Pref string
- IPv4Cidr string
- IPv6Cidr string
- Listenport string
- AllowedIPS string
- Ipv4Enabled bool
- Ipv6Enabled bool
- DisableDNS bool
+ Profile Profile
+ EndpointHost string
+ Datadir string
+ IPv4Gw string
+ IPv6Gw string
+ IPv4Pref string
+ IPv6Pref string
+ IPv4Cidr string
+ IPv6Cidr string
+ Listenport string
+ AllowedIPS string
+ Ipv4Enabled bool
+ Ipv6Enabled bool
+ DisableDNS bool
+ ClientNameServers string
 PersistentKeepalive string
 }{
 profile,
@@ -527,6 +536,7 @@ WGCLIENT
 ipv4Enabled,
 ipv6Enabled,
 disableDNS,
+ clientNameServers,
 persistentKeepalive,
 })
 if err != nil {
From 6a62643d57ad4bf5b80ccae6291f3ed3577e5f22 Mon Sep 17 00:00:00 2001
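Review bot: `SUBSPACE_CLIENT_NAMESERVERS` reaches the generated script unvalidated: the first hunk copies the raw environment value into `clientNameServers`, and the second hunk renders it as `DNS = {{.ClientNameServers}}` inside the text that is handed to `bash(script, ...)`. The heredoc body already depends on shell expansion (`${wg_private_key}`), so it is presumably unquoted, and shell metacharacters or a line break in the value would then be interpreted by bash or add extra lines to the client config. The variable is set by the operator, so this is hardening rather than a remotely reachable flaw, but parsing each entry with `net.ParseIP` and re-joining the canonical strings keeps both the script and the config well-formed, and lets the `"nil"` sentinel become an empty default. profileAddHandler begins and ends outside these hunks, and `net` and `strings` need to be imported if handlers.go does not already do so.

```go
clientNameServers := ""
if raw := getEnv("SUBSPACE_CLIENT_NAMESERVERS", ""); raw != "" {
	var servers []string
	for _, entry := range strings.Split(raw, ",") {
		ip := net.ParseIP(strings.TrimSpace(entry))
		if ip == nil {
			// Not an IP literal: keep it out of the generated script and
			// report it through this handler's usual error path.
			continue
		}
		servers = append(servers, ip.String())
	}
	clientNameServers = strings.Join(servers, ",")
}
// … unchanged: persistentKeepalive lookup …
```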
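Review bot: The anonymous struct given to `bash(script, ...)` is filled positionally, so the `clientNameServers,` entry added in the last hunk is tied to the `ClientNameServers string` field of the third hunk only by its place in the list. The field after it, `PersistentKeepalive`, is also a string, so swapping the two values would still compile and would silently put the keepalive value on the `DNS` line. A keyed literal removes that dependency on order, for example `ClientNameServers: clientNameServers,` and the same form for the other fields. The middle of the value list lies between the two hunks and is not visible here.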
From: "Aleksey @soar Smyrnov"
Date: Tue, 12 Jul 2022 14:56:45 -0400
Subject: [PATCH 2/2] Allow to set client nameservers even if DNS is disabled
---
 cmd/subspace/handlers.go | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/cmd/subspace/handlers.go b/cmd/subspace/handlers.go
index 5b4153a0..7ff5c28b 100644
--- a/cmd/subspace/handlers.go
+++ b/cmd/subspace/handlers.go
@@ -487,13 +487,11 @@ WGPEER
 cat <clients/{{$.Profile.ID}}.conf
 [Interface]
 PrivateKey = ${wg_private_key}
-{{- if not .DisableDNS }}
 {{- if .ClientNameServers }}
 DNS = {{.ClientNameServers}}
-{{- else }}
+{{- else if not .DisableDNS }}
 DNS = {{if .Ipv4Enabled}}{{$.IPv4Gw}}{{end}}{{if .Ipv6Enabled}}{{if .Ipv4Enabled}},{{end}}{{$.IPv6Gw}}{{end}}
 {{- end }}
-{{- end }}
 Address = {{if .Ipv4Enabled}}{{$.IPv4Pref}}{{$.Profile.Number}}/{{$.IPv4Cidr}}{{end}}{{if .Ipv6Enabled}}{{if .Ipv4Enabled}},{{end}}{{$.IPv6Pref}}{{$.Profile.Number}}/{{$.IPv6Cidr}}{{end}}

 [Peer]
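Review bot: The precedence between the two variables is now undocumented: with this ordering a non-empty `SUBSPACE_CLIENT_NAMESERVERS` writes a `DNS =` line even when `SUBSPACE_DISABLE_DNS=1`, while the README text from patch 1/2 still presents the new variable as an alternative and says that `SUBSPACE_DISABLE_DNS=1` produces configs without the `DNS` option. An operator who sets both to preserve the client's own resolvers would get the opposite result, so the README should say it, for example `If SUBSPACE_CLIENT_NAMESERVERS is set it takes precedence and a DNS line is written even when SUBSPACE_DISABLE_DNS=1.` A template comment above the condition, such as `{{- /* ClientNameServers overrides DisableDNS */}}`, would record the intent next to the logic. The surrounding heredoc starts and ends outside this hunk.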