2023-02-23 12:52:48 +01:00
|
|
|
# https://github.com/AdguardTeam/dnsproxy
|
|
|
|
[Unit]
|
|
|
|
Description=DNS over HTTPS resolver
|
|
|
|
# /etc/resolv.conf -> unbound -> dnsproxy
|
2023-02-23 13:25:12 +01:00
|
|
|
After=network-online.target
|
2023-02-23 12:52:48 +01:00
|
|
|
|
|
|
|
[Service]
|
|
|
|
Type=simple
|
2023-02-23 13:31:48 +01:00
|
|
|
# -v is verbose output, journalctl -u dnsproxy
|
2023-02-23 12:52:48 +01:00
|
|
|
# 127.0.2.1@53 comes from https://gitea.blesmrt.net/mikaela/shell-things/src/branch/master/etc/unbound/unbound.conf.d/dnscrypt-proxy.conf
|
|
|
|
# and it's not a privileged port https://gitea.blesmrt.net/mikaela/shell-things/src/branch/master/etc/sysctl.d/23-starts-unprivileged-ports.conf
|
|
|
|
# The DoH server is self-explanatory, bootstrap is Quad9 with ECS
|
2023-02-23 13:25:12 +01:00
|
|
|
ExecStart=/usr/local/bin/dnsproxy -v -l 127.0.2.1 -p 53 -u https://dns0.eu/ -b 149.112.112.11:53 -b 9.9.9.11:53 -b [2620:fe::11]:53 -b [2620:fe::fe:11]:53 --http3
|
2023-02-23 12:52:48 +01:00
|
|
|
Restart=always
|
|
|
|
RestartSec=5s
|
2023-02-23 13:25:12 +01:00
|
|
|
User=unbound
|
2023-02-23 12:52:48 +01:00
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy=multi-user.target
|