DNS over TLS in Aurora

I just installed Aurora on an old ThinkPad T430s I have and am trying to get DNS over TLS to work.

I have tested that Control D works with
sudo resolvectl dns wlp2s0 76.76.2.22
sudo resolvectl dnsovertls wlp2s0 yes
sudo resolvectl dnssec wlp2s0 yes

but as soon as I reboot the configuration is lost.

You can set it up the same as you would on any distro. Maybe the easiest way is to set dns-over-tls (Network Manager config).

Enable DNS over TLS

Set dns-over-tls, by creating a config file:

cat << EOF | sudo tee /etc/NetworkManager/conf.d/90-dns-over-tls.conf >/dev/null
[connection]
connection.dns-over-tls=2
# 2 yes, 1 opportunistic, 0 no
EOF

Set Custom DNS Servers

Under System Settings > Networking > Wifi & Internet

  1. Switch your connection’s ipv4/ipv6 IP tabs’ methods to “Automatic (Only addresses)”
  2. Add the DNS servers you want to use (e.g. quad9)

Finally, restart Network Manager:

sudo systemctl restart NetworkManager

# check if settings applied:
systemctl status systemd-resolved
resolvectl status | grep -B2 -A3 '\+DNSOverTLS'

In case anyone wants to dive deeper, there have been some articles in Fedora magazine about it (ymmv):

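The grep in the verification step above only shows links that already have `+DNSOverTLS`, so a wired or VPN link left in opportunistic or off mode goes unnoticed. The following is an added example, not part of the original posts, that lists every link with DNS servers and fails if any is not strict. The function name `dot_audit` and the sample output are constructed for illustration, and the parser assumes resolvectl's `+DNSOverTLS` / `-DNSOverTLS` / `DNSOverTLS=opportunistic` notation on the `Protocols:` line.

```shell
#!/usr/bin/env bash
# Added example (not from the thread). Live use: resolvectl status | dot_audit

# Reads `resolvectl status` text on stdin and prints, for every scope that has
# DNS servers, "<scope> <strict|opportunistic|off|unknown> <servers>".
# Returns 1 if any such scope is not strict, i.e. may fall back to plaintext DNS.
dot_audit() {
  awk '
    function emit() {
      if (scope != "" && servers != "") {
        print scope, mode, servers
        if (mode != "strict") bad = 1
      }
      servers = ""; mode = "unknown"; in_srv = 0
    }
    /^Global/         { emit(); scope = "global"; next }
    /^Link [0-9]+ \(/ { emit(); scope = $3; gsub(/[()]/, "", scope); next }
    /Protocols:/ {
      if ($0 ~ /\+DNSOverTLS/) mode = "strict"
      else if ($0 ~ /DNSOverTLS=opportunistic/) mode = "opportunistic"
      else if ($0 ~ /-DNSOverTLS/) mode = "off"
      next
    }
    /^ *DNS Servers:/ { sub(/^ *DNS Servers: */, ""); servers = $0; in_srv = 1; next }
    # Wrapped server list: an indented line that is not a new "Label: value" field.
    in_srv && NF && $0 !~ /^ *[A-Za-z][A-Za-z. ]*: / {
      sub(/^ +/, ""); servers = servers " " $0; next
    }
    { in_srv = 0 }
    END { emit(); exit bad + 0 }
  '
}

# Constructed sample output (addresses other than 76.76.2.22 are documentation ranges).
SAMPLE_STATUS='Global
         Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 2 (enp0s25)
         Protocols: +DefaultRoute -mDNS DNSOverTLS=opportunistic DNSSEC=no/unsupported
Current DNS Server: 192.0.2.1
       DNS Servers: 192.0.2.1

Link 3 (wlp2s0)
         Protocols: +DefaultRoute -mDNS +DNSOverTLS DNSSEC=yes/supported
       DNS Servers: 76.76.2.22
                    2001:db8::53'

printf '%s\n' "$SAMPLE_STATUS" | dot_audit || echo "at least one link is not strict"
```

On the sample, `enp0s25` is reported as opportunistic, which means queries on that link can still leave in plaintext if the server does not answer on port 853.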