From bf03e21a613866de894cdec42900de7705fdf609 Mon Sep 17 00:00:00 2001 From: sn0wb0i Date: Wed, 11 Sep 2019 09:04:28 -0400 Subject: [PATCH] DNS-over-HTTPS --- README.md | 4 +++- adblock/docker-compose.yml | 10 ++++++++++ haproxy.cfg | 17 +++++++++++++++++ 3 files changed, 30 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 18626f6..d77d8d8 100644 --- a/README.md +++ b/README.md @@ -9,6 +9,8 @@ * DNS resolver: [unbound](https://nlnetlabs.nl/projects/unbound/about/) ([config](unbound.conf)) * DNS-over-TLS: [haproxy](https://www.haproxy.org/) ([config](haproxy.cfg)) -### [Adblock](adblock/) +### Adblocking DNS resolver Powered by [Pi-hole](https://pi-hole.net/). + +* [Configuration](adblock/) (Docker-deployed) diff --git a/adblock/docker-compose.yml b/adblock/docker-compose.yml index 5012e82..b9de381 100644 --- a/adblock/docker-compose.yml +++ b/adblock/docker-compose.yml @@ -28,3 +28,13 @@ services: - 127.0.0.1 - 198.251.90.114 restart: unless-stopped + doh: + environment: + - "UPSTREAM_NAME=pihole" + restart: always + image: quay.io/sheogorath/doh +# build: +# context: . + ports: + - "127.0.0.1:8054:8053" + diff --git a/haproxy.cfg b/haproxy.cfg index c492466..35f4909 100644 --- a/haproxy.cfg +++ b/haproxy.cfg @@ -83,6 +83,12 @@ frontend 443-in use_backend check if { path /check } + use_backend doh-uncensored if { hdr(host) -i uncensored.any.dns.nixnet.xyz } + use_backend doh-adblock if { hdr(host) -i adblock.any.dns.nixnet.xyz } + + use_backend doh-uncensored if { hdr(host) -i uncensored.lux1.dns.nixnet.xyz } + use_backend doh-adblock if { hdr(host) -i adblock.lux1.dns.nixnet.xyz } + # default_backend nginx backend check @@ -119,3 +125,14 @@ backend dns-uncensored backend dns-adblock mode tcp server pihole 198.251.90.89:53 check + +# DoH backends +backend doh-uncensored + mode http + server doh-uncensored 127.0.0.1:8053 check + +backend doh-adblock + mode http + server doh-adblock 127.0.0.1:8054 check + +