mirrors/dockerfiles_vimagick
2
0
Fork 0
mirror of https://github.com/vimagick/dockerfiles.git synced 2025-12-25 23:03:34 +01:00
Code Issues Projects Releases Wiki Activity

update dnscrypt

Browse Source
This commit is contained in:
kev
2022-02-17 16:09:23 +08:00
parent 6eb55fbf39
commit 017cd00a78
27 changed files with 922 additions and 498 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
dnscrypt/README.md
View File

@@ -1,54 +1,12 @@
dnscrypt
========
## About
[DNSCrypt][1] is a protocol that encrypts, authenticates and optionally anonymizes
communications between a DNS client and a DNS resolver. It prevents DNS
spoofing. It uses cryptographic signatures to verify that responses originate
from the chosen DNS resolver and havent been tampered with.
- `dnscrypt-wrapper` - A server-side dnscrypt proxy.
- `dnscrypt-proxy` - A protocol for securing communications between a client and a DNS resolver.
- dnscrypt-proxy
- dnscrypt-server
## Config
wrapper:
image: vimagick/dnscrypt-wrapper
ports:
- "443:443/udp"
- "443:443/tcp"
environment:
- LISTEN_ADDR=0.0.0.0:443
- RESOLVER_ADDR=8.8.8.8:53
- PROVIDER_NAME=2.dnscrypt-cert.easypi.info
restart: always
proxy:
image: vimagick/dnscrypt-proxy
ports:
- "53:53/udp"
- "53:53/tcp"
environment:
- LISTEN_ADDR=0.0.0.0:443
- RESOLVER_ADDR=1.2.3.4:443
- PROVIDER_NAME=2.dnscrypt-cert.easypi.info
- PROVIDER_KEY=4C29:9CEB:CF8D:4612:48A8:B2F2:3B6F:A046:EBF5:2F2B:6433:27C6:5F3A:88F5:495E:3075
restart: always
> `RESOLVER_ADDR` is server public ip address.
## Server
$ cd dnscrypt
$ fig up -d wrapper
$ docker exec -it dnscrypt_wrapper_1 cat README.txt
Public key fingerprint: 4C29:9CEB:CF8D:4612:48A8:B2F2:3B6F:A046:EBF5:2F2B:6433:27C6:5F3A:88F5:495E:3075
## Client
$ cd dnscrypt
$ fig up -d proxy
$ dig @127.0.0.1 www.google.com
$ dig @127.0.0.1 www.youtube.com +tcp
## Note
You'd better to use `vimagick/dnscrypt-proxy` as backend of `dnsmasq` or `pdnsd` for better performance.
Please read [this](https://github.com/Cofyc/dnscrypt-wrapper) to re-generate keys!
[1]: https://dnscrypt.info/