mirror of
https://github.com/vimagick/dockerfiles.git
synced 2024-11-30 09:16:41 +02:00
.. | ||
proxy | ||
wrapper | ||
README.md |
dnscrypt
About
dnscrypt-wrapper
- A server-side dnscrypt proxy.dnscrypt-proxy
- A protocol for securing communications between a client and a DNS resolver.
Config
wrapper:
image: vimagick/dnscrypt-wrapper
ports:
- "443:443/udp"
- "443:443/tcp"
environment:
- LISTEN_ADDR=0.0.0.0:443
- RESOLVER_ADDR=8.8.8.8:53
- PROVIDER_NAME=2.dnscrypt-cert.datageek.info
restart: always
proxy:
image: vimagick/dnscrypt-proxy
ports:
- "53:53/udp"
- "53:53/tcp"
environment:
- LISTEN_ADDR=0.0.0.0:443
- RESOLVER_ADDR=1.2.3.4:443
- PROVIDER_NAME=2.dnscrypt-cert.datageek.info
- PROVIDER_KEY=4C29:9CEB:CF8D:4612:48A8:B2F2:3B6F:A046:EBF5:2F2B:6433:27C6:5F3A:88F5:495E:3075
restart: always
RESOLVER_ADDR
is server public ip address.
Server
$ cd dnscrypt
$ fig up -d wrapper
$ docker exec -it dnscrypt_wrapper_1 cat provider_keypair.txt
Public key fingerprint: 4C29:9CEB:CF8D:4612:48A8:B2F2:3B6F:A046:EBF5:2F2B:6433:27C6:5F3A:88F5:495E:3075
Client
$ cd dnscrypt
$ fig up -d proxy
$ dig @127.0.0.1 www.google.com
$ dig @127.0.0.1 www.youtube.com +tcp
Note
You'd better to use vimagick/dnscrypt-proxy
as backend of dnsmasq
or pdnsd
for better performance.
Please read this to re-generate keys!