{"id":50103579,"url":"https://github.com/allanchen2019/mosdns-debian-install","last_synced_at":"2026-05-23T09:02:08.814Z","repository":{"id":39410910,"uuid":"445535972","full_name":"allanchen2019/mosdns-debian-install","owner":"allanchen2019","description":"Script to install mosdns on Debian(or derivatives) Linux","archived":false,"fork":false,"pushed_at":"2026-05-21T18:40:03.000Z","size":223,"stargazers_count":39,"open_issues_count":0,"forks_count":18,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-05-22T01:38:31.569Z","etag":null,"topics":["armbian","debian","dns","dns-over-https","dns-server","shell-script"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/allanchen2019.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2022-01-07T13:47:42.000Z","updated_at":"2026-05-21T18:40:08.000Z","dependencies_parsed_at":"2024-02-07T09:26:20.055Z","dependency_job_id":"55fc8d35-f9a4-4279-8981-e11f09e1af5d","html_url":"https://github.com/allanchen2019/mosdns-debian-install","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/allanchen2019/mosdns-debian-install","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/allanchen2019%2Fmosdns-debian-install","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/allanchen2019%2Fmosdns-debian-install/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/allanchen2019%2Fmosdns-debian-install/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/allanchen2019%2Fmosdns-debian-install/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/allanchen2019","download_url":"https://codeload.github.com/allanchen2019/mosdns-debian-install/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/allanchen2019%2Fmosdns-debian-install/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33389229,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-23T04:15:53.637Z","status":"ssl_error","status_checked_at":"2026-05-23T04:15:53.242Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["armbian","debian","dns","dns-over-https","dns-server","shell-script"],"created_at":"2026-05-23T09:02:06.341Z","updated_at":"2026-05-23T09:02:08.807Z","avatar_url":"https://github.com/allanchen2019.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"English | [įŽ€äŊ“中文](./README_zh-CN.md)\n\nAn automated shell installation script and production-grade routing configurations for [mosdns](https://github.com/IrineSistiana/mosdns) v5 on Debian/Ubuntu.\n\n## 🚀 Architecture Diagram (MosDNS v5 Pipeline)\n\nThis project delivers a highly-optimized, low-latency, anti-pollution, and self-healing DNS resolution pipeline tailored for homelab environments.\n\n```text\n +-----------------------+\n | Client DNS Query |\n +-----------+-----------+\n |\n v\n +-----------------------+\n | mem_cache Check | \u003c--- [Lazy Cache (persistent dump.cache)]\n +-----------+-----------+\n |\n +--------------+--------------+\n | |\n [Cache Hit] [Cache Miss]\n | |\n v v\n +--------------+ +-----------------+\n | Return Resp | | Match Rule Set? |\n +--------------+ +--------+--------+\n |\n +-------------------+------------------+------------------+\n | (A) Local Domain | (B) China Domain | (C) Proxy Domain | (D) Default Fallback\n | - *.lan, *.local| - china-list | - proxy-list | - Other Domains\n | - Single Label | - apple-cn | |\n | - Private PTR | | |\n v v v v\n +--------------+ +--------------+ +--------------+ +---------------+\n | MikroTik GW | | China Public | | Secure DoT | | China Public |\n | 192.168.4.1 | | 119.29.29.29| | 8.8.8.8:853 | | Query |\n | | | 223.5.5.5 | | 1.1.1.1:853 | +-------+-------+\n +------+-------+ +------+-------+ +------+-------+ |\n | | | v\n | | | [Is Resp IP?]\n | | | / \\\n | | | [CN IP] [Foreign IP]\n | | | / \\\n | | | v v\n | | | +-------------+ +--------------+\n | | | | Accept IP \u0026 | | Drop Resp \u0026 |\n | | | | Return | | Query DoT |\n | | | +-------------+ +-------+------+\n | | | | |\n v v v v v\n +---------------------------------------------------------------------------------+\n | Return Answer to Client |\n +---------------------------------------------------------------------------------+\n```\n\n---\n\n## ✨ Key Features\n\n1. **⚡ī¸ Low-Latency Lazy Cache (mem_cache)**:\n * 20,480 capacity cache with TTL extended up to 86,400s.\n * Auto-dumps in-memory cache to disk (`cache.dump`) every 10 minutes to eliminate cold-start latency spikes upon container restarts.\n2. **🏠 LAN Domain Autonomy (local_router_sequence)**:\n * Direct routing for local domains (`*.lan`, `*.local`, `*.homelab`) and private PTR queries to local gateway (`192.168.4.1`).\n * Custom Regex `regexp:^[^.]+$` to block single-label hostname leakage to external DoT servers.\n3. **🇨đŸ‡ŗ High-Performance China Split-Routing (local_sequence)**:\n * Direct concurrently resolved queries for verified Chinese domains (`china-list.txt`, `apple-cn.txt`) to top local public DNS (AliDNS \u0026 DNSPod).\n4. **🔒 Secure Anti-Pollution DoT Tunnel (remote_sequence)**:\n * Encrypted DNS-over-TLS query concurrent transmission to Google (`8.8.8.8:853`) and Cloudflare (`1.1.1.1:853`).\n * Built-in 500ms timeout threshold resilient failover to domestic public DNS.\n5. **🛡ī¸ Dual-Validation Fallback Security (fallback_sequence)**:\n * First routes unclassified domains to local public DNS. If resolved IP is within domestic ranges (`cn_ip`), it is immediately accepted.\n * If the IP falls outside Chinese IP blocks (indicative of regular or polluted results), the response is dropped, and a mandatory secure DoT query is triggered to prevent DNS spoofing.\n6. **🌐 Intelligent EDNS Client Subnet (ECS) Optimization (ecs_handler)**:\n * **`ecs_domestic`**: Automatically forwards or injects client subnets (`/24` for IPv4, `/48` for IPv6) for domestic domains to ensure precise regional CDN routing.\n * **`ecs_remote`**: Statically strips client subnets for foreign DNS requests to guarantee privacy and prevent foreign CDN servers from misrouting traffic cross-ocean.\n7. **🚀 Production-Grade Self-Healing Maintenance Scripts**:\n * **`AutoSetup.sh`**: Lightweight, idempotent, fast bootstrap script free from bloated dependencies (no Python/PIP overhead) and guards against pre-existing repository conflicts.\n * **`install-mosdns.sh`**: High-availability installer that dynamically injects public resolvers temporarily to avoid offline DNS download deadlocks, and performs localhost port 53 validation queries before switching traffic.\n * **`update-geo.sh`**: Atomic resource dataset updates featuring size-and-line validation limits (10,000+ lines / 200KB+ threshold) to completely block corrupted/empty upstream assets. Uses decoupled (`backup-geo`) path protection.\n * **`update-bin.sh`**: Atomic executable binary updater with robust fallback CPU architecture detection (`uname -m` compatibility) and decoupled (`backup-bin`) backup protection to completely avoid concurrent rollback collisions.\n * **`uninstall.sh`**: Safe uninstaller that performs in-memory system DNS recovery and systemd-resolved stub resolve symlink reconstruction *first* before purging files to eliminate self-destruction failures.\n\n---\n\n## 🛠ī¸ Usage \u0026 Commands\n\n### 1-Click Interactive Console Menu (Supports Installation, Updates \u0026 Uninstallation)\n```bash\nbash \u003c(curl -Ls https://raw.githubusercontent.com/allanchen2019/mosdns-debian-install/main/AutoSetup.sh)\n```\n\u003e [!TIP]\n\u003e Running this command directly launches the **MosDNS Terminal Interactive Menu**, enabling 1-click installation, Geo rule updates, binary hot-upgrades, and uninstallation.\n\u003e For ultra-low RAM devices (\u003c 256MB), the installer option automatically downloads pre-compiled binaries from GitHub Releases to prevent OOM errors, with a fallback to local Go compilation (`go build`) as backup.\n\n### đŸ–Ĩī¸ Premium Glassmorphic Web Control Panel\nAfter installation, a lightweight daemon `mosdns-panel.service` is spawned automatically:\n* **Access URL**: `http://\u003cYOUR_SERVER_IP\u003e:8080` (accessible within your local LAN, featuring a dark-mode glassmorphic interface).\n* **Key Capabilities**:\n * **Real-time Dashboard**: Dynamic Canvas charts mapping 24H queries alongside Prometheus cache size \u0026 high-precision hit rate scraping.\n * **Structured Query Audit**: Live stream query logs (Client IP, Domain, QType, Cache/Upstream status, Duration) persistent to SQLite.\n * **Configuration Editor**: Safely modify and syntax check your `config-v5.yaml` and blocklists directly in the browser. Domain lists are organized into **\"Local/Direct\"** and **\"Remote/Proxy\"** tabs, marked with read-only (🔒) and custom (✏ī¸) tags, allowing one-click custom list creation pre-populated with format guidelines and example templates.\n * **Fine-Grained Game Rules Switches**: Game domains are compiled from the official V2Fly `domain-list-community` raw archive into 12 distinct lists (e.g., Steam, Nintendo, PlayStation, Epic Games, Blizzard, EA, Riot, Roblox, Tencent, Mihoyo, Bilibili, and other miscellaneous games). Each list features an independent, iOS-style **\"Enable/Disable\"** switch to comment/uncomment them in `config-v5.yaml` for flexible direct/proxy routing.\n * **Live Console**: Real-time Systemd logs stream and one-click execution of updates.\n\n### Self-Healing Binary Update\n```bash\n/opt/mosdns/update-bin.sh\n```\n\n### Resource Dataset Update\n```bash\n/opt/mosdns/update-geo.sh\n```\n\n### Service Controls \u0026 Logging\n```bash\n# Check MosDNS Core status\nsystemctl status mosdns.service\n\n# Check Web Panel status\nsystemctl status mosdns-panel.service\n\n# View weekly update timers\nsystemctl status mosdns-update.timer\n```\n\n### Uninstallation (cleanly sweeps all files and panel service daemons)\n```bash\n/opt/mosdns/uninstall.sh\n```\n\n---\n\n## 📄 License\nThis project is open-source. For more info, please see the source scripts.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fallanchen2019%2Fmosdns-debian-install","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fallanchen2019%2Fmosdns-debian-install","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fallanchen2019%2Fmosdns-debian-install/lists"}