From 88c7c4c748c5ec747726f3bc4dcaaa5507f919c3 Mon Sep 17 00:00:00 2001
From: Jarek <65668659+jardahrazdera@users.noreply.github.com>
Date: Tue, 9 Sep 2025 16:24:49 +0200
Subject: [PATCH] Fix VPN DNS resolution in DHCP mode (#1514)

Empty DNS= and FallbackDNS= in resolved.conf were blocking VPN DNS
servers when VPN clients replaced /etc/resolv.conf.

Removing these empty values allows systemd-resolved to:
- Use DHCP DNS from network interfaces (existing behavior)
- Fall back to system defaults when needed
- Switch to 'foreign' mode for VPN DNS override

Fixes #1509
---
 bin/omarchy-setup-dns    | 2 --
 migrations/1757361127.sh | 8 ++++++++
 2 files changed, 8 insertions(+), 2 deletions(-)
 create mode 100644 migrations/1757361127.sh

diff --git a/bin/omarchy-setup-dns b/bin/omarchy-setup-dns
index 119ab40..472b555 100755
--- a/bin/omarchy-setup-dns
+++ b/bin/omarchy-setup-dns
@@ -37,8 +37,6 @@ EOF
 DHCP)
   sudo tee /etc/systemd/resolved.conf >/dev/null <<'EOF'
 [Resolve]
-DNS=
-FallbackDNS=
 DNSOverTLS=no
 EOF
   
diff --git a/migrations/1757361127.sh b/migrations/1757361127.sh
new file mode 100644
index 0000000..5c23e00
--- /dev/null
+++ b/migrations/1757361127.sh
@@ -0,0 +1,8 @@
+echo "Fix DHCP DNS to allow VPN DNS override"
+
+if [ -f /etc/systemd/resolved.conf ]; then
+  if grep -q "^DNS=$" /etc/systemd/resolved.conf && grep -q "^FallbackDNS=$" /etc/systemd/resolved.conf; then
+    sudo sed -i '/^DNS=$/d; /^FallbackDNS=$/d' /etc/systemd/resolved.conf
+    sudo systemctl restart systemd-resolved
+  fi
+fi
\ No newline at end of file