@kwilczynski
Last active November 18, 2021 04:00
# dnscrypt-proxy settings for a local forwarder that only talks to
# DNS-over-HTTPS upstreams.

# Upstream resolvers, by the names used in the signed lists under [sources].
server_names = [
    'cloudflare',
    'doh-crypto-sx',
    'ams-doh-nl',
    # Possible issues.
    # 'faelix-ch-ipv4-doh',
    'doh.ffmuc.net'
]

# Loopback only, so other machines cannot query the proxy directly.
listen_addresses = [
    '127.0.0.1:5353'
]
max_clients = 256

# Upstream selection filters. The DNSSEC / no-log / no-filter properties are
# declared in the resolver list entries: they are operator claims, not
# something the proxy can verify.
ipv4_servers = true
ipv6_servers = false
dnscrypt_servers = false
doh_servers = true
require_dnssec = true
require_nolog = true
require_nofilter = true
disabled_server_names = []

force_tcp = false
timeout = 5000  # milliseconds
lb_strategy = 'p2'
lb_estimator = true
keepalive = 60  # seconds
blocked_query_response = 'hinfo'

# Application log goes to stdout, so retention is whatever the container
# runtime keeps.
log_level = 2
log_file = '/dev/stdout'
use_syslog = false

cert_refresh_delay = 240  # minutes
dnscrypt_ephemeral_keys = false

# DoH TLS settings. Session tickets stay enabled, which trades privacy for
# latency: a resumed session lets a server link successive connections.
tls_disable_session_tickets = false
# Suite IDs: 52392 = 0xCCA8 (ECDHE-RSA with ChaCha20-Poly1305),
# 49199 = 0xC02F (ECDHE-RSA with AES-128-GCM).
# NOTE(review): both are RSA-authenticated suites; confirm every upstream in
# server_names can still negotiate with this restriction.
tls_cipher_suite = [52392, 49199]

# Plain DNS resolvers used for bootstrap lookups (resolver lists, DoH
# hostnames). These queries leave the host unencrypted on port 53.
# NOTE(review): newer dnscrypt-proxy releases name this key
# bootstrap_resolvers; check which name the image's version expects.
fallback_resolvers = [
    '9.9.9.9:53',
    '1.0.0.1:53'
]
# Prefer the resolvers above over whatever the host's resolv.conf says.
ignore_system_dns = true

# Connectivity probe used at start-up to wait for the network.
netprobe_timeout = 60
netprobe_address = '1.1.1.1:53'
offline_mode = false

# 0 disables size-based rotation and backup pruning for file logs.
log_files_max_size = 0
log_files_max_backups = 0

# Answered locally instead of being forwarded: AAAA queries, single-label
# names and undelegated/private zones, so they do not leak to upstreams.
block_ipv6 = true
block_unqualified = true
block_undelegated = true
reject_ttl = 600  # seconds, TTL of the synthetic responses

# No cache in the proxy; presumably left to the resolver in front of it.
cache = false
# Logs every client query. Written to stdout, so the container runtime's log
# retention decides how long the record of looked-up names is kept; treat
# those logs as sensitive.
[query_log]
file = '/dev/stdout'
# Logs queries for names that do not exist. Useful for spotting broken or
# suspicious clients, but it shares the stdout stream with the other logs.
[nx_log]
file = '/dev/stdout'
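# Anonymized DNS sends DNSCrypt queries through a relay so the resolver does
# not see the client address. Routes apply to DNSCrypt upstreams.
# NOTE(review): this file sets dnscrypt_servers = false and doh_servers = true,
# so these routes look unused as written - confirm the intent.
[anonymized_dns]
# Skip a server that cannot be used through a relay rather than falling back
# to a direct connection.
skip_incompatible = true
# Wildcard route: any server may go through any of these relays. Each relay is
# listed once so that none is weighted more heavily than the others.
routes = [
    { server_name='*', via=[ 'anon-acsacsar-ams-ipv4', 'anon-ams-nl', 'anon-bcn', 'anon-cs-de2', 'anon-cs-fr', 'anon-cs-fr2', 'anon-cs-nl', 'anon-cs-nl2', 'anon-cs-pt', 'anon-cs-se', 'anon-cs-sk', 'anon-ibksturm', 'anon-kama', 'anon-meganerd', 'anon-scaleway', 'anon-scaleway-ams', 'anon-serbica', 'anon-skyfighter', 'anon-sth-se', 'anon-yofiji-se-ipv4' ] }
]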
[sources]

# Signed list of public resolvers. The list is only accepted if its signature
# verifies against minisign_key, so integrity does not depend on the download
# host or on the mutable 'master' branch in the first URL.
[sources.'public-resolvers']
refresh_delay = 72  # hours
urls = [
    'https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md',
    'https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md'
]
# Relative path: the cached copy lands in the proxy's working directory.
cache_file = 'public-resolvers.md'
# Public key of the list signer. Changing it changes who is trusted to define
# the upstream resolvers; compare it with the value published by the project.
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
prefix = ''
# Signed list of anonymization relays, verified against minisign_key before
# use, like any other entry under [sources].
[sources.'relays']
refresh_delay = 72  # hours
urls = [
    'https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/relays.md',
    'https://download.dnscrypt.info/resolvers-list/v3/relays.md'
]
# Relative path: the cached copy lands in the proxy's working directory.
cache_file = 'relays.md'
# Public key of the list signer; compare it with the value published by the
# project before trusting the file.
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
prefix = ''
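# Compose stack: piknik, dnscrypt-proxy and Pi-hole on one host.
# Nesting is written out explicitly; a flat listing of these keys does not
# parse as a Compose file.
# All three images use the locally built, mutable tag 'custom', so what runs
# depends on the last local build rather than on a pinned digest.
version: '2'
services:
  piknik:
    container_name: 'piknik'
    image: 'piknik:custom'
    hostname: 'piknik'
    extra_hosts:
      - 'piknik piknik.lan:192.168.1.10'
    dns:
      - '127.0.0.1'
    dns_search:
      - 'lan'
    ports:
      # Published on every host interface. Access control then rests on the
      # keys in piknik.toml and on the host firewall.
      - '0.0.0.0:8075:8075/tcp'
    environment:
      TZ: 'Etc/UTC'
    volumes:
      # Holds key material. NOTE(review): a read-only mount would be enough
      # if the service never writes this file - confirm.
      - './piknik.toml:/piknik.toml'
    restart: 'unless-stopped'
  dnscrypt-proxy:
    container_name: 'dnscrypt-proxy'
    image: 'dnscrypt-proxy:custom'
    hostname: 'dnscrypt-proxy'
    extra_hosts:
      - 'dnscrypt-proxy dnscrypt-proxy.lan:192.168.1.10'
    dns:
      - '127.0.0.1'
    dns_search:
      - 'lan'
    environment:
      TZ: 'Etc/UTC'
    volumes:
      - './dnscrypt-proxy.toml:/config/dnscrypt-proxy.toml'
    # Host networking: the proxy's 127.0.0.1:5353 listener is the host's
    # loopback, and the container has no network isolation from the host.
    network_mode: 'host'
    restart: 'unless-stopped'
  pi-hole:
    container_name: 'pi-hole'
    image: 'pi-hole:custom'
    hostname: 'pi-hole'
    extra_hosts:
      - 'pi-hole pi-hole.lan:192.168.1.10'
    dns:
      - '127.0.0.1'
    dns_search:
      - 'lan'
    environment:
      TZ: 'Etc/UTC'
      IPv6: 'no'
      ServerIP: '192.168.1.10'
      HOSTNAME: 'pi-hole.lan'
      PROXY_LOCATION: 'pi-hole.lan'
      VIRTUAL_HOST: 'pi-hole.lan'
      VIRTUAL_PORT: 80
      CORS_HOSTS: 'pi-hole.lan,pi-hole,192.168.1.10'
      SKIPGRAVITYONBOOT: 'yes'
      # Sole upstream is the dnscrypt-proxy listener on loopback; the second
      # slot is disabled so nothing bypasses the encrypted path.
      # NOTE(review): these variable names belong to the custom image -
      # verify that it actually reads them.
      PIHOLE_DNS_DNS1: '127.0.0.1#5353'
      PIHOLE_DNS_DNS2: 'no'
    volumes:
      - 'pihole-etc:/etc/pihole'
      - 'pihole-dnsmasq:/etc/dnsmasq.d'
      - 'pihole-lighttpd:/etc/lighttpd'
      - 'pihole-log:/var/log'
      - './pihole_overwrite_resolv.conf:/etc/resolv.conf'
    # Host networking: every port the container listens on (DNS, and the web
    # interface suggested by VIRTUAL_PORT) is bound on the host's own
    # interfaces, so exposure is governed by the host firewall.
    network_mode: 'host'
    restart: 'unless-stopped'
    # Extra capabilities on top of host networking.
    # NOTE(review): NET_ADMIN is typically only needed when Pi-hole serves
    # DHCP; confirm each capability is required and drop the ones that are not.
    cap_add:
      - 'NET_ADMIN'
      - 'SYS_NICE'
      - 'IPC_LOCK'
    ulimits:
      nofile:
        soft: 1024
        hard: 4096
    depends_on:
      - 'dnscrypt-proxy'
volumes:
  pihole-etc:
  pihole-dnsmasq:
  pihole-lighttpd:
  pihole-log: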
# resolv.conf override: all lookups go to the resolver on loopback.
# NOTE(review): 'search' and 'domain' are mutually exclusive in resolv.conf
# and the last one present wins, so only 'domain lan.' takes effect - confirm
# that both lines are intended.
search lan
domain lan.
nameserver 127.0.0.1
# ndots:0 makes every name be tried as an absolute name first.
options ndots:0 edns0 single-request-reopen
# piknik server settings.
# Listens on every interface; the keys below are what authenticates clients.
Listen = "0.0.0.0:8075"
# Key material is blank in this listing. Fill both values from the output of
# `piknik -genkeys`, keep the file out of version control and restrict its
# permissions.
Psk = ""
SignPk = ""