diff --git a/etc/systemd/resolved.conf.d/dns-over-tls.conf b/etc/systemd/resolved.conf.d/dns-over-tls.conf
new file mode 100644
index 00000000..ec2a27f4
--- /dev/null
+++ b/etc/systemd/resolved.conf.d/dns-over-tls.conf
@@ -0,0 +1,19 @@
+# This file is practically the same as my Unbound dns-over-tls.conf meaning
+# something with port 443 and then anycasted nonfiltering ones.
+[Resolve]
+# https://appliedprivacy.net/services/dns/ - Vienna, Austria
+DNS=2a02:1b8:10:234::2]:443#dot1.applied-privacy.net
+DNS=146.255.56.98:443#dot1.applied-privacy.net
+# https://www.dns0.eu/open https://www.dns0.eu/network - French based. Private ECS
+DNS=193.110.81.254#open.dns0.eu
+DNS=185.253.5.254#open.dns0.eu
+DNS=[2a0f:fc80::ffff]#open.dns0.eu
+DNS=[2a0f:fc81::ffff]#open.dns0.eu
+# Adguard DNS Unfiltered Anycast. Malta based. Private ECS.
+DNS=[2a10:50c0::1:ff]#unfiltered.adguard-dns.com
+DNS=[2a10:50c0::2:ff]#unfiltered.adguard-dns.com
+DNS=94.140.14.140#unfiltered.adguard-dns.com
+DNS=94.140.14.141#unfiltered.adguard-dns.com
+Domains=~.
+DNSOverTLS=yes
+Cache=yes