Set up Encrypted DNS resolver

This commit is contained in:
coolneng 2023-07-27 01:14:36 +02:00
parent 477b5abfa8
commit 0a3bcc27ad
Signed by: coolneng
GPG Key ID: 9893DA236405AF57
1 changed files with 19 additions and 1 deletions

View File

@ -112,7 +112,7 @@ in {
listen-address = [ "127.0.0.1" "192.168.13.2" "10.8.0.1" ];
bind-interfaces = true;
server = [ "51.158.108.203" "137.220.55.93" ];
server = [ "127.0.0.1#43" ];
cache-size = 10000;
local-ttl = 300;
@ -123,4 +123,22 @@ in {
};
};
# Encrypted DNS
services.dnscrypt-proxy2 = {
enable = true;
settings = {
ipv6_servers = false;
require_dnssec = true;
listen_addresses = [ "127.0.0.1:43" ];
sources.public-resolvers = {
urls = [
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
];
cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
minisign_key =
"RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
};
};
};
}