initial commit
This commit is contained in:
commit
3653654efc
4
.dockerignore
Normal file
4
.dockerignore
Normal file
|
|
@ -0,0 +1,4 @@
|
||||||
|
*
|
||||||
|
!dnscrypt-proxy.toml
|
||||||
|
!cloaking-rules.txt
|
||||||
|
!forwarding-rules.txt
|
||||||
7
Dockerfile
Normal file
7
Dockerfile
Normal file
|
|
@ -0,0 +1,7 @@
|
||||||
|
FROM alpine:3.12
|
||||||
|
|
||||||
|
RUN apk add --no-cache dnscrypt-proxy
|
||||||
|
ADD . /data
|
||||||
|
WORKDIR /data
|
||||||
|
|
||||||
|
CMD dnscrypt-proxy
|
||||||
21
Jenkinsfile
vendored
Normal file
21
Jenkinsfile
vendored
Normal file
|
|
@ -0,0 +1,21 @@
|
||||||
|
pipeline {
|
||||||
|
agent any
|
||||||
|
stages {
|
||||||
|
stage('build') {
|
||||||
|
steps {
|
||||||
|
checkout scm
|
||||||
|
script {
|
||||||
|
sh 'git rev-parse HEAD > commit'
|
||||||
|
def gitCommit = readFile('commit').trim()
|
||||||
|
def registryHost = "registry.terrible.network"
|
||||||
|
def imageName = "${registryHost}/terribleplan/doh-stub-dnscrypt-proxy"
|
||||||
|
|
||||||
|
def app = docker.build("${imageName}:${gitCommit}")
|
||||||
|
docker.withRegistry("https://${registryHost}", "registry-terrible-network") {
|
||||||
|
app.push("latest")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
0
cloaking-rules.txt
Normal file
0
cloaking-rules.txt
Normal file
53
dnscrypt-proxy.toml
Normal file
53
dnscrypt-proxy.toml
Normal file
|
|
@ -0,0 +1,53 @@
|
||||||
|
server_names = ['cloudflare']
|
||||||
|
listen_addresses = ['0.0.0.0:53']
|
||||||
|
max_clients = 250
|
||||||
|
ipv4_servers = true
|
||||||
|
ipv6_servers = false
|
||||||
|
dnscrypt_servers = false
|
||||||
|
doh_servers = true
|
||||||
|
force_tcp = false
|
||||||
|
timeout = 5000
|
||||||
|
keepalive = 60
|
||||||
|
blocked_query_response = 'hinfo'
|
||||||
|
lb_strategy = 'ph'
|
||||||
|
log_level = 2
|
||||||
|
log_file = '/dev/stdout'
|
||||||
|
use_syslog = false
|
||||||
|
cert_refresh_delay = 240
|
||||||
|
# DoH: Disable TLS session tickets - increases privacy but also latency
|
||||||
|
tls_disable_session_tickets = false
|
||||||
|
fallback_resolvers = ['1.1.1.1:53', '9.9.9.9:53', '8.8.8.8:53']
|
||||||
|
ignore_system_dns = true
|
||||||
|
netprobe_timeout = 60
|
||||||
|
netprobe_address = '8.8.8.8:53'
|
||||||
|
offline_mode = false
|
||||||
|
log_files_max_size = 0
|
||||||
|
log_files_max_age = 0
|
||||||
|
log_files_max_backups = 0
|
||||||
|
block_ipv6 = true
|
||||||
|
block_unqualified = true
|
||||||
|
block_undelegated = true
|
||||||
|
reject_ttl = 600
|
||||||
|
forwarding_rules = '/data/forwarding-rules.txt'
|
||||||
|
cloaking_rules = '/data/cloaking-rules.txt'
|
||||||
|
cloak_ttl = 60
|
||||||
|
cache = true
|
||||||
|
cache_size = 16384
|
||||||
|
cache_min_ttl = 2400
|
||||||
|
cache_max_ttl = 86400
|
||||||
|
cache_neg_min_ttl = 60
|
||||||
|
cache_neg_max_ttl = 600
|
||||||
|
[local_doh]
|
||||||
|
[query_log]
|
||||||
|
[nx_log]
|
||||||
|
[schedules]
|
||||||
|
[sources]
|
||||||
|
[sources.'public-resolvers']
|
||||||
|
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md']
|
||||||
|
cache_file = 'public-resolvers.md'
|
||||||
|
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
|
||||||
|
prefix = ''
|
||||||
|
[broken_implementations]
|
||||||
|
fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familyshield-ipv6', 'cleanbrowsing-adult', 'cleanbrowsing-family-ipv6', 'cleanbrowsing-family', 'cleanbrowsing-security']
|
||||||
|
[anonymized_dns]
|
||||||
|
[static]
|
||||||
0
forwarding-rules.txt
Normal file
0
forwarding-rules.txt
Normal file
Loading…
Reference in a new issue