mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-12-23 03:02:52 +01:00
etc: dnscrypt
This commit is contained in:
parent
e1d873213f
commit
17b5596d80
7
etc/conf.d/dnscrypt-proxy
Normal file
7
etc/conf.d/dnscrypt-proxy
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
DNSCRYPT_LOCALIP=127.0.0.2
|
||||||
|
DNSCRYPT_LOCALPORT=53
|
||||||
|
DNSCRYPT_USER=nobody
|
||||||
|
DNSCRYPT_PROVIDER_NAME=2.dnscrypt-cert.opendns.com
|
||||||
|
DNSCRYPT_PROVIDER_KEY=B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79
|
||||||
|
DNSCRYPT_RESOLVERIP=208.67.220.220
|
||||||
|
DNSCRYPT_RESOLVERPORT=443
|
38
etc/pdnsd.conf
Normal file
38
etc/pdnsd.conf
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
# https://wiki.archlinux.org/index.php?title=DNSCrypt&oldid=373568#Example:_configuration_for_pdnsd
|
||||||
|
global {
|
||||||
|
perm_cache=16384;
|
||||||
|
cache_dir="/var/cache/pdnsd";
|
||||||
|
run_as="pdnsd";
|
||||||
|
server_ip = 127.0.0.1;
|
||||||
|
status_ctl = on;
|
||||||
|
query_method=udp_tcp;
|
||||||
|
min_ttl=15m; # Retain cached entries at least 15 minutes.
|
||||||
|
max_ttl=1w; # One week.
|
||||||
|
timeout=10; # Global timeout option (10 seconds).
|
||||||
|
neg_domain_pol=on;
|
||||||
|
udpbufsize=1024; # Upper limit on the size of UDP messages.
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
label = "dnscrypt-proxy";
|
||||||
|
ip = 127.0.0.2;
|
||||||
|
port = 53;
|
||||||
|
timeout = 4;
|
||||||
|
uptest = query;
|
||||||
|
interval = 15m;
|
||||||
|
proxy_only=on;
|
||||||
|
}
|
||||||
|
|
||||||
|
source {
|
||||||
|
owner=localhost;
|
||||||
|
file="/etc/hosts";
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
rr {
|
||||||
|
name=localhost;
|
||||||
|
reverse=on;
|
||||||
|
a=127.0.0.1;
|
||||||
|
owner=localhost;
|
||||||
|
soa=localhost,root.localhost,42,86400,900,86400,86400;
|
||||||
|
}
|
@ -1,6 +1,11 @@
|
|||||||
nameserver ::1
|
nameserver ::1
|
||||||
#nameserver 2001:4860:4860::8888
|
nameserver 2001:4860:4860::8888
|
||||||
nameserver 2001:4860:4860::8844
|
#nameserver 2001:4860:4860::8844
|
||||||
#nameserver 8.8.8.8
|
#nameserver 8.8.8.8
|
||||||
nameserver 8.8.4.4
|
#nameserver 8.8.4.4
|
||||||
|
#nameserver 2620:0:ccc::2
|
||||||
|
#nameserver 2620:0:ccd::2
|
||||||
|
nameserver 208.67.222.222
|
||||||
|
#nameserver 208.67.220.220
|
||||||
|
options edns 0
|
||||||
search mikaela.info
|
search mikaela.info
|
||||||
|
19
etc/systemd/system/dnscrypt-proxy.service
Normal file
19
etc/systemd/system/dnscrypt-proxy.service
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=A tool for securing communications between a client and a DNS resolver.
|
||||||
|
After=network.target
|
||||||
|
# Only needed if you use pdnsd, other caching DNS servers can go here. Could be ignored too.
|
||||||
|
Before=pdnsd.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
EnvironmentFile=/etc/conf.d/dnscrypt-proxy
|
||||||
|
ExecStart=/usr/bin/dnscrypt-proxy \
|
||||||
|
--local-address=${DNSCRYPT_LOCALIP}:${DNSCRYPT_LOCALPORT} \
|
||||||
|
--resolver-address=${DNSCRYPT_RESOLVERIP}:${DNSCRYPT_RESOLVERPORT} \
|
||||||
|
--provider-name=${DNSCRYPT_PROVIDER_NAME} \
|
||||||
|
--provider-key=${DNSCRYPT_PROVIDER_KEY} \
|
||||||
|
--user=${DNSCRYPT_USER} \
|
||||||
|
--edns-payload-size=4096
|
||||||
|
Restart=on-abort
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
Loading…
Reference in New Issue
Block a user