* Adding nss-lookup.target to the socket Before and Wants directive. Adding current upstream wiki as documentation to service and socket file.
Adding DynamicUser=yes to the service file, alongside various hardening settings (Protect{ControlGroups,KernelModules}. Allowing the service to bind to ports below 1024 by setting CAP_NET_BIND_SERVICE. Adding {Cache,Logs,Runtime}Directory for dnscrypt-proxy. Removing (default) Type=simple. Adding a more default ExecStart location and usage of configuration.
* systemd/dnscrypt-proxy.socket: Adding back ipv6 functionality.
* systemd/dnscrypt-proxy.service: Updating Description to match project name.
Explicitely setting ProtectHome=yes. Adding information on the DynamicUser settings.
* systemd/dnscrypt-proxy.socket: Updating description to match project name.
* systemd/dnscrypt-proxy.service: Adding Requires= and Also= for dnscrypt-proxy.socket in favor of CAP_NET_BIND_SERVICE capabilities.
* dnscrypt-proxy/example-dnscrypt-proxy.toml: Clarifying how to set listen_addresses, when using systemd socket activation.
* Let default systemd socket listen on both IPv4 and IPv6
Setting listen_addresses = [] in config will listen on systemd socket, but by previous systemd socket config it would only listen on IPv4 127.0.0.1:53 without IPv6. This change fixes it.
* Update dnscrypt-proxy.socket
Frank Denis
David Runge
FedericoYundt
Dhoulmagus