servers:dnscrypt-proxy
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
servers:dnscrypt-proxy [2018/03/19 03:33] – Sean Rhone | servers:dnscrypt-proxy [2018/04/04 14:47] (current) – [Switch User] Sean Rhone | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Information ====== | ||
+ | * DNSCrypt ((https:// | ||
+ | * dnscrypt-proxy ((https:// | ||
+ | |||
+ | ===== Prerequisites ===== | ||
+ | |||
+ | * [[distros: | ||
+ | |||
+ | ====== Create Group and User ====== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo groupadd ' | ||
+ | |||
+ | ====== Dependencies ====== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo zypper install git-core go | ||
+ | |||
+ | ====== Install ====== | ||
+ | |||
+ | * https:// | ||
+ | |||
+ | ===== Build ===== | ||
+ | |||
+ | ==== Switch User ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo su ' | ||
+ | |||
+ | ==== Compile ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | cd '/ | ||
+ | |||
+ | ===== Install ===== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo mv '/ | ||
+ | |||
+ | ====== Settings ====== | ||
+ | |||
+ | ===== References ===== | ||
+ | |||
+ | * https:// | ||
+ | * https:// | ||
+ | |||
+ | ===== Notes ===== | ||
+ | |||
+ | * '' | ||
+ | |||
+ | ===== Settings ===== | ||
+ | |||
+ | sudo mkdir -p '/ | ||
+ | |||
+ | < | ||
+ | server_names = [' | ||
+ | |||
+ | keepalive = 10 | ||
+ | |||
+ | fallback_resolver = ' | ||
+ | |||
+ | ipv6_servers = true | ||
+ | require_dnssec = true | ||
+ | |||
+ | [blacklist] | ||
+ | blacklist_file = ' | ||
+ | |||
+ | [sources.' | ||
+ | urls = [' | ||
+ | cache_file = ' | ||
+ | minisign_key = ' | ||
+ | |||
+ | [sources.' | ||
+ | urls = [' | ||
+ | cache_file = ' | ||
+ | minisign_key = ' | ||
+ | |||
+ | ===== Blacklist ===== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | # Facebook 2018/03/19 | ||
+ | *.facebook.* | ||
+ | *.fbcdn.* | ||
+ | *.tfbnw.* | ||
+ | *.fbsbx.* | ||
+ | *.fb.* | ||
+ | *.whatsapp.* | ||
+ | *.instagram.*</ | ||
+ | |||
+ | ====== Services ====== | ||
+ | |||
+ | ===== Main ===== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=dnscrypt-proxy | ||
+ | After=network-online.target | ||
+ | Wants=network-online.target | ||
+ | |||
+ | [Service] | ||
+ | Type=simple | ||
+ | WorkingDirectory=/ | ||
+ | ExecStart='/ | ||
+ | |||
+ | ProtectControlGroups=yes | ||
+ | ProtectKernelModules=yes | ||
+ | ProtectKernelTunables=yes | ||
+ | PrivateDevices=yes | ||
+ | PrivateTmp=yes | ||
+ | ProtectHome=yes | ||
+ | ProtectSystem=yes | ||
+ | ReadWritePaths='/ | ||
+ | NoNewPrivileges=yes | ||
+ | RestrictNamespaces=yes | ||
+ | MemoryDenyWriteExecute=yes | ||
+ | RestrictRealtime=yes | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=multi-user.target</ | ||
+ | |||
+ | ===== Updater ===== | ||
+ | |||
+ | ==== Service ==== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | |||
+ | ProtectControlGroups=yes | ||
+ | ProtectKernelModules=yes | ||
+ | PrivateDevices=yes | ||
+ | PrivateTmp=yes | ||
+ | ProtectHome=yes | ||
+ | RestrictNamespaces=yes | ||
+ | MemoryDenyWriteExecute=yes | ||
+ | RestrictRealtime=yes | ||
+ | |||
+ | ExecStartPre='/ | ||
+ | |||
+ | ExecStartPre='/ | ||
+ | ExecStartPre='/ | ||
+ | ExecStartPre='/ | ||
+ | |||
+ | ExecStart='/ | ||
+ | |||
+ | ExecStartPost='/ | ||
+ | ExecStartPost='/ | ||
+ | ExecStartPost='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | ExecStartPost='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | ==== Timer ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=dnscrypt-proxy Updater | ||
+ | After=network-online.target | ||
+ | Wants=network-online.target | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=weekly | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ |