Settings Not Persisting on Start9 Server After Reboot (Proxmox + VPN Setup)

DIY Community Support
1

Hi everyone,

I’m running Start9 on a VM hosted on Proxmox, and the Start9 server’s traffic is routed through another VM that acts as a VPN gateway (using Windscribe). The setup works perfectly when I make network, DNS, and routing changes, but all these changes are lost whenever the Start9 server reboots.

My Setup

  1. Host Environment: Proxmox.
  2. VPN Gateway: A separate VM running Windscribe VPN with IP forwarding and NAT configured.
  3. Start9 VM: The Start9 server routes traffic through the VPN gateway via a static route.

Changes I’ve Made

1. DNS Configuration:

  • Manually set DNS servers to 9.9.9.9 and 149.112.112.112.
  • Used nmcli commands:
    sudo nmcli connection modify "Wired connection 1" ipv4.dns "9.9.9.9,149.112.112.112"
sudo nmcli connection modify "Wired connection 1" ipv4.ignore-auto-dns yes
  • Created a manual /etc/resolv.conf file:
    echo -e "nameserver 9.9.9.9\nnameserver 149.112.112.112" | sudo tee /etc/resolv.conf
  • Disabled and masked systemd-resolved to prevent it from managing DNS:
    sudo systemctl disable --now systemd-resolved
sudo systemctl mask systemd-resolved
  • Verified /etc/resolv.conf contents to confirm the correct nameservers were set.

2. IP Routing:

  • Modified the IP routing table to route traffic from Start9 through the VPN gateway.
  • Configured a static default route:
    sudo ip route add default via 192.168.0.191 dev ens18
  • Ensured the Start9 server could ping the VPN gateway and external DNS servers.

3. NetworkManager Settings:

  • Modified the “Wired connection 1” configuration via nmcli:
    • Enabled manual IP configuration for DNS.
    • Disabled auto-configured DNS by setting ipv4.ignore-auto-dns to yes.
  • Ensured the connection was brought up with:
    sudo nmcli connection up "Wired connection 1"

The Problem

After rebooting the Start9 server:

  1. systemd-resolved Service:

    • Despite disabling and masking systemd-resolved, it re-enables itself on reboot, resetting DNS settings.
    • The /etc/resolv.conf file reverts to a symlink pointing to /run/systemd/resolve/stub-resolv.conf.

  2. Routing Table:

    • The IP routes added via ip route are lost on reboot.

  3. NetworkManager Changes:

    • The changes to “Wired connection 1” (manual DNS and ignoring auto-DNS) do not persist.

What Works

  • The Windscribe VPN gateway remains unaffected by reboots. All NAT and forwarding rules persist correctly.
  • When I manually reapply all the above changes after a reboot, everything works perfectly. The Start9 server connects through the VPN, DNS resolves properly, and Tor circuits are established.

Questions

  1. How can I make these changes persist on the Start9 server after a reboot?
  2. Could the Start9 server’s environment or EmbassyOS be interfering with system-level configurations like resolv.conf and routing?
  3. Are there additional configurations I need to apply to ensure systemd-resolved stays disabled and routing is preserved?

Any advice or suggestions would be greatly appreciated! Thanks in advance!