Spent too much time making Safari and Orion open onion links on macOS. Local tor, privoxy, unbound — mDNSResponder kept dropping *.onion queries.
Tracked it down to undocumented Apple code. /etc/resolver/onion did the trick on Ventura. Ugh, what a mess.
https://github.com/apple-oss-distributions/configd/blob/ebd2cef166d947659a001b076ea919351f7baf5d/Plugins/IPMonitor/controller.m#L1492-L1553
Here are the core configs:
/etc/resolver/onion:nameserver 127.0.0.1
/opt/homebrew/etc/privoxy/user.action:{+forward-override{forward-socks5t 127.0.0.1:9050 .}}
/opt/homebrew/etc/privoxy/user.action:.onion
/opt/homebrew/etc/privoxy/user.action:check.torproject.org
/opt/homebrew/etc/unbound/unbound.conf: private-domain: "onion"
/opt/homebrew/etc/unbound/unbound.conf: domain-insecure: "onion"
/opt/homebrew/etc/unbound/unbound.conf: local-zone: "onion." nodefault
/opt/homebrew/etc/unbound/unbound.conf: local-zone: "onion." redirect
/opt/homebrew/etc/unbound/unbound.conf: local-data: "onion. IN A 1.1.1.1"
andrew / Andrew
npub1ku…pp0ge
2023-01-05 04:27:09
Author Public Key
npub1kundug94z4c9llhf29v3ar657she8wu9p80cr2z3e4dujj0vzveqwpp0gePublished at
2023-01-05 04:27:09Event JSON
{
"id": "a885b7dd870a14b199e3843ed3036e542d2b8d331e3801cf3b2043ee35e2ee62",
"pubkey": "b726de20b515705ffee951591e8f54f42f93bb8509df81a851cd5bc949ec1332",
"created_at": 1672892829,
"kind": 1,
"tags": [],
"content": "Spent too much time making Safari and Orion open onion links on macOS. Local tor, privoxy, unbound — mDNSResponder kept dropping *.onion queries.\n\nTracked it down to undocumented Apple code. /etc/resolver/onion did the trick on Ventura. Ugh, what a mess.\n\nhttps://github.com/apple-oss-distributions/configd/blob/ebd2cef166d947659a001b076ea919351f7baf5d/Plugins/IPMonitor/controller.m#L1492-L1553\n\nHere are the core configs:\n\n/etc/resolver/onion:nameserver 127.0.0.1\n/opt/homebrew/etc/privoxy/user.action:{+forward-override{forward-socks5t 127.0.0.1:9050 .}}\n/opt/homebrew/etc/privoxy/user.action:.onion\n/opt/homebrew/etc/privoxy/user.action:check.torproject.org\n/opt/homebrew/etc/unbound/unbound.conf:\tprivate-domain: \"onion\"\n/opt/homebrew/etc/unbound/unbound.conf:\tdomain-insecure: \"onion\"\n/opt/homebrew/etc/unbound/unbound.conf:\tlocal-zone: \"onion.\" nodefault\n/opt/homebrew/etc/unbound/unbound.conf:\tlocal-zone: \"onion.\" redirect\n/opt/homebrew/etc/unbound/unbound.conf:\tlocal-data: \"onion. IN A 1.1.1.1\"",
"sig": "71a13d5e43cd35467ab5d024cefae6d211433d78723de7d9bffab546deab41bb9cb9270fb0b5e5634b70f9c32d2590ecf4e359d4836d60d8903a3b7f1bd14995"
}