{"id":13821547,"url":"https://github.com/Seji64/SniDust","last_synced_at":"2025-05-16T12:33:43.914Z","repository":{"id":43919038,"uuid":"472680588","full_name":"Seji64/SniDust","owner":"Seji64","description":"SmartDNS Proxy to hide your GeoLocation. Based on DnsDist and nginx","archived":false,"fork":false,"pushed_at":"2025-05-09T19:30:28.000Z","size":129,"stargazers_count":189,"open_issues_count":5,"forks_count":46,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-05-09T20:30:43.226Z","etag":null,"topics":["dns-proxy","dnsdist","docker","hulu","netflix","proxy","smartdns","sniproxy","yallo","zattoo"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Seji64.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"seji64","patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"lfx_crowdfunding":null,"custom":null}},"created_at":"2022-03-22T08:44:15.000Z","updated_at":"2025-05-09T19:30:33.000Z","dependencies_parsed_at":"2023-02-18T15:20:19.621Z","dependency_job_id":"19ea542c-f77b-4b0b-84a8-b9bc88e040e2","html_url":"https://github.com/Seji64/SniDust","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Seji64%2FSniDust","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Seji64%2FSniDust/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Seji64%2FSniDust/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Seji64%2FSniDust/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Seji64","download_url":"https://codeload.github.com/Seji64/SniDust/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254530794,"owners_count":22086679,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dns-proxy","dnsdist","docker","hulu","netflix","proxy","smartdns","sniproxy","yallo","zattoo"],"created_at":"2024-08-04T08:01:23.698Z","updated_at":"2025-05-16T12:33:40.265Z","avatar_url":"https://github.com/Seji64.png","language":"Shell","funding_links":["https://github.com/sponsors/seji64"],"categories":["Shell"],"sub_categories":[],"readme":"[![Docker](https://github.com/Seji64/SniDust/actions/workflows/docker-publish.yml/badge.svg)](https://github.com/Seji64/SniDust/actions/workflows/docker-publish.yml)\r\n\r\n# SniDust\r\nSmartDNS Proxy to hide your GeoLocation. Based on DnsDist and nginx\r\n\r\n# Update v1.0.10 - BREAKING CHANGE !!\r\nPlease note replacing sniproxy with nginx resulted in a **breaking change**. nginx is listening on port **8080** (before 80) and **8443** (before 443). Ensure you update your docker configuration accordingly!\r\n\r\n## Supported Services\r\n\r\n- Zattoo\r\n- Yallo.tv\r\n- Netflix\r\n- Hulu\r\n- Amazon Prime\r\n- SRF.ch (live tv)\r\n\r\n## Prerequisites\r\n\r\nYou will need a VPS or a Root Server where you can install [Docker](https://www.docker.com/) (or Docker is already installed).\r\n\r\n##  Usage\r\n\r\n### Get your Public IP (Client)\r\n\r\n```\r\n## run this in your terminal or use your webbrowser\r\ncurl https://ifconfig.co\r\n```\r\nFor this **example**  lets assume your public ip (of your *client*) is `10.111.123.7`\r\nSince version `v1.0.8` you can also use DynDNS. In this case just use your DynDNS domain eg. `myDynDNSDomain.no-ip.com`\r\n\r\n### Get your IP of your Server\r\n\r\n```\r\ncurl https://ifconfig.co\r\n```\r\nFor this **example** lets assume your public ip (of your *server*) is `10.111.123.8`\r\n\r\n### Run SniDust on your Server\r\n\r\n```\r\ndocker run -d --name snidust -e ALLOWED_CLIENTS=\"127.0.0.1, 10.111.123.7, myDynDNSDomain.no-ip.com\" -e EXTERNAL_IP=10.111.123.8 -p 443:8443 -p 80:8080 -p 53:5300/udp ghcr.io/seji64/snidust:1.0.15\r\n```\r\n\r\nOr if you use docker compose:\r\n\r\n```yaml\r\nversion: '3.3'\r\nservices:\r\n    snidust:\r\n        container_name: snidust\r\n        environment:\r\n            - TZ=Europe/Berlin\r\n            - 'ALLOWED_CLIENTS=127.0.0.1, 10.111.123.7, myDynDNSDomain.no-ip.com'\r\n            - 'EXTERNAL_IP=10.111.123.8'\r\n            - SPOOF_ALL_DOMAINS=false # Set to true (case sensitive!) if you want to spoof ALL domains.\r\n            # - 'DYNDNS_CRON_SCHEDULE=*/1 * * * *' # Example for specifing a custom cron interval for dynDNS Update. Default is '*/15 * * * *'\r\n        ports:\r\n            - 443:8443\r\n            - 80:8080\r\n            - 53:5300/udp\r\n        image: 'ghcr.io/seji64/snidust:1.0.15'\r\n```\r\n\r\n### Check logs of the container\r\n```bash\r\ndocker logs snidust\r\n```\r\n\r\nThe logs should look something like this:\r\n\r\n```\r\n...\r\nWebserver launched on 127.0.0.1:8083\r\nMarking downstream 1.0.0.1:443 as 'up'\r\nMarking downstream dns.google (8.8.8.8:853) as 'up'\r\nMarking downstream dns.google (8.8.4.4:853) as 'up'\r\nMarking downstream 1.1.1.1:443 as 'up'\r\nPolled security status of version 1.7.1 at startup, no known issues reported: OK\r\n```\r\n\r\n### Configure your client\r\n\r\nChange your network settings and set the DNS Server as  10.111.123.8 (**PUBLIC_VPS_IP**)\r\n\r\nYour GeoLaction should now hidden :-)\r\n\r\n## Troubleshooting\r\n\r\n### Error Port 53 is already in use\r\n\r\nIn this case, you are either running another service (like Pi-Hole) that already uses this Port or you likely use a Linux distribution that uses Systemd.\r\n\r\nIn case Systemd is already using port 53 you can follow this [Guide](https://www.linuxuprising.com/2020/07/ubuntu-how-to-free-up-port-53-used-by.html) to free up this port.\r\n\r\n## Advanced setups\r\n\r\n### DoT\r\n\r\nFor examples how to use an setup DoT see `docker-compose.dot.yml` and `docker-compose.acme.sh-dot.yml`\r\n\r\n### Disable installtion of repo default domains\r\n\r\nIf do not want use the default domain lists of this repo, you can disable this by setting the environment variable `INSTALL_DEFAULT_DOMAINS` to `false`.\r\n\r\n### Configure DNS Rate Limiting\r\nThe default is the following:\r\n```\r\nGenerate a warning if we detect a query rate above 800 qps *(Query per second)* for at least 60s.\r\nIf the query rate rises above 1000 qps for 60 seconds, we'll block the client for 360s.\r\n```\r\nTo customize this behavior you can use the following environment variables:\r\n````\r\nDNSDIST_RATE_LIMIT_WARN (default: 800)\r\nDNSDIST_RATE_LIMIT_BLOCK (default: 1000)\r\nDNSDIST_RATE_LIMIT_BLOCK_DURATION (default: 360)\r\nDNSDIST_RATE_LIMIT_EVAL_WINDOW (default: 60)\r\n````\r\n\r\nIf you want to disable Rate Limiting completely set `DNSDIST_RATE_LIMIT_DISABLE` to `true`\r\n\r\n### Use custom Upstream DNS Servers\r\nBy default, SniDust is using Cloudflare's and Google's DNS Servers as Upstream.\r\nTo use your own/custom upstream DNS Server you have to do the following:\r\n\r\n#### Configure and use Custom Upstream Pool\r\n- Create a file named 99-customUpstream.conf\r\n- Use the [DNSDist Documentation](https://dnsdist.org/reference/config.html#newServer) to create you own upstream pool.\r\n  Example:\r\n  ```\r\n  newServer({address=\"192.0.2.1\", name=\"custom1\", pool=\"customUpstream\"})\r\n  newServer({address=\"192.0.2.2\", name=\"custom2\", pool=\"customUpstream\"})\r\n  ```\r\n - Ensure you have set a `pool` and it is **NOT** named `upstream` (this name is already used by sniDust itself)\r\n - Set Environment Variable `DNSDIST_UPSTREAM_POOL_NAME` to your pool name *(here: `customUpstream`)*\r\n - Map your file `99-customUpstream.conf`\r\n   ```\r\n   ...\r\n           volumes:\r\n             - ~/99-customUpstream.conf:/etc/dnsdist/conf.d/99-customUpstream.conf\r\n    ...\r\n   ```\r\n### Add custom domains\r\n\r\nIn case you want to add custom domains which not included by default, this can be done easily.\r\nCreate a file with the name `99-custom.lst`. Insert all your custom domains in this file.\r\n\r\n#### Mount it\r\n\r\n```bash\r\ndocker run --name snidust -e ALLOWED_CLIENTS=\"127.0.0.1, 10.111.123.7\" -e EXTERNAL_IP=10.111.123.8 -p 443:8443 -p 80:8080 -p 53:5300/udp -v ~/99-custom.lst:/etc/snidust/domains.d/99-custom.lst:ro ghcr.io/seji64/snidust:main\r\n```\r\n\r\nOr if you use docker-compose:\r\n\r\n```yaml\r\nversion: '3.3'\r\nservices:\r\n    snidust:\r\n        container_name: snidust\r\n        environment:\r\n            - 'ALLOWED_CLIENTS=127.0.0.1, 10.111.123.7'\r\n            - EXTERNAL_IP=10.111.123.8\r\n        ports:\r\n            - '443:8443'\r\n            - '80:8080'\r\n            - '53:5300/udp'\r\n        volumes:\r\n            - '~/99-custom.lst:/etc/snidust/domains.d/99-custom.lst:ro'\r\n        image: 'ghcr.io/seji64/snidust:1.0.15'\r\n```\r\n\r\n### Spoof all domains\r\n\r\nIf you don't want to maintain a list of domains and you just want to spoof everything set `SPOOF_ALL_DOMAINS` to `true`\r\n**WARNING:**: As a result, the COMPLETE traffic runs through your VPS - this is not the optimal use of SniDust. Only the traffic needed to cloak the GeoLocation should flow through SniDust\r\n\r\n```yaml\r\nversion: '3.3'\r\nservices:\r\n    snidust:\r\n        container_name: snidust\r\n        environment:\r\n            - 'ALLOWED_CLIENTS=127.0.0.1, 10.111.123.7'\r\n            - EXTERNAL_IP=10.111.123.8\r\n            - SPOOF_ALL_DOMAINS=true\r\n...\r\n```\r\n\r\n### Reload allowed clients without container restart\r\n\r\nIn case you want to have dynamic ALLOWED_CLIENTS ACL change your docker compose file to this:\r\n\r\n```yaml\r\nversion: '3.3'\r\nservices:\r\n    snidust:\r\n        container_name: snidust\r\n        environment:\r\n            - 'ALLOWED_CLIENTS_FILE=/tmp/myacls.acl'\r\n            - EXTERNAL_IP=10.111.123.8\r\n        ports:\r\n            - '443:8443'\r\n            - '80:8080'\r\n            - '53:5300/udp'\r\n        volumes:\r\n            - '~/myacls.acl:/tmp/myacls.acl:ro'\r\n        image: 'ghcr.io/seji64/snidust:1.0.15'\r\n```\r\n\r\nThen you can reload your ACLs by querying a specific DNS name:\r\n```\r\n# Assuming 10.11.123.8 is the IP of your Server where snidust runs\r\ndig @10.111.123.8 reload.acl.snidust.local\r\n```\r\n\r\nYou should see in the logs (`docker logs snidust`) snidust has reloaded your ACLs\r\n\r\n```\r\n[SniDust] *** Reloading ACL... ***\r\n...\r\n[SniDust] *** ACL reload complete! ***\r\n```\r\n\r\n### Reload Domains without container restart\r\n\r\nIn case you added custom domains like the above, update the `99-custom.lst` file but don't want to restart your SniDust container each time, you can reload all domains with a custom DNS question.\r\n\r\n```\r\n# Assuming 10.11.123.8 is the IP of your Server where snidust runs\r\ndig @10.111.123.8 reload.domainlist.snidust.local\r\n```\r\n\r\nYou should see in the logs (`docker logs snidust`) snidust has reloaded your domain\r\n\r\n```\r\n[SniDust] Reloading domain lists...\r\n...\r\n[SniDust] *** End of Domain List ***\r\n[SniDust] Domain Lists reloaded!\r\n```\r\n\r\n## Credits\r\nBased on the following projects:\r\n\r\n- https://dnsdist.org/\r\n- https://www.nginx.com\r\n- https://github.com/andykimpe/wilmaa-proxy\r\n- https://github.com/suuhm/unblock-proxy.sh\r\n- https://github.com/ab77/netflix-proxy\r\n\r\n## Star History\r\n\r\n\u003ca href=\"https://star-history.com/#Seji64/SniDust\u0026Date\"\u003e\r\n \u003cpicture\u003e\r\n   \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://api.star-history.com/svg?repos=Seji64/SniDust\u0026type=Date\u0026theme=dark\" /\u003e\r\n   \u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://api.star-history.com/svg?repos=Seji64/SniDust\u0026type=Date\" /\u003e\r\n   \u003cimg alt=\"Star History Chart\" src=\"https://api.star-history.com/svg?repos=Seji64/SniDust\u0026type=Date\" /\u003e\r\n \u003c/picture\u003e\r\n\u003c/a\u003e\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSeji64%2FSniDust","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSeji64%2FSniDust","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSeji64%2FSniDust/lists"}