{"id":19909112,"url":"https://github.com/dyne/dohd","last_synced_at":"2025-05-03T02:31:35.953Z","repository":{"id":40494392,"uuid":"197712785","full_name":"dyne/dohd","owner":"dyne","description":"Very fast DNS-over-HTTPS to DNS proxy with emphasis on privacy (no logging)","archived":false,"fork":false,"pushed_at":"2023-08-02T12:04:59.000Z","size":5092,"stargazers_count":26,"open_issues_count":6,"forks_count":6,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-04-07T10:35:43.742Z","etag":null,"topics":["daemon","dns","dns-over-https","privacy","rfc8484"],"latest_commit_sha":null,"homepage":"https://dyne.github.io/dohd/","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dyne.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null},"funding":{"github":["dyne"],"patreon":"dyneorg","open_collective":"dyneorg"}},"created_at":"2019-07-19T06:12:47.000Z","updated_at":"2025-02-10T01:09:50.000Z","dependencies_parsed_at":"2022-09-20T04:06:30.643Z","dependency_job_id":null,"html_url":"https://github.com/dyne/dohd","commit_stats":{"total_commits":58,"total_committers":6,"mean_commits":9.666666666666666,"dds":0.5689655172413793,"last_synced_commit":"3b2679a68e749992840b89aeda8b9d68144e7bbd"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dyne%2Fdohd","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dyne%2Fdohd/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dyne%2Fdohd/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dyne%2Fdohd/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dyne","download_url":"https://codeload.github.com/dyne/dohd/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252133723,"owners_count":21699586,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["daemon","dns","dns-over-https","privacy","rfc8484"],"created_at":"2024-11-12T21:14:23.757Z","updated_at":"2025-05-03T02:31:34.681Z","avatar_url":"https://github.com/dyne.png","language":"C","funding_links":["https://github.com/sponsors/dyne","https://patreon.com/dyneorg","https://opencollective.com/dyneorg"],"categories":[],"sub_categories":[],"readme":"![dohd logo](https://raw.githubusercontent.com/dyne/dohd/master/docs/dohd.png)\n\u003c!-- josefin sans 400 --\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://dyne.org\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/%3C%2F%3E%20with%20%E2%9D%A4%20by-Dyne.org-blue.svg\" alt=\"Dyne.org\" /\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003ch4 align=\"center\"\u003e\n  \u003ca href=\"#-install\"\u003e💾 Install\u003c/a\u003e\n  \u003cspan\u003e • \u003c/span\u003e\n  \u003ca href=\"#-quick-start\"\u003e🎮 Quick start\u003c/a\u003e\n  \u003cspan\u003e • \u003c/span\u003e\n  \u003ca href=\"#-configuration\"\u003e🔧 Configuration\u003c/a\u003e\n  \u003cspan\u003e • \u003c/span\u003e\n  \u003ca href=\"#-acknowledgements\"\u003e😍 Acknowledgements\u003c/a\u003e\n  \u003cspan\u003e • \u003c/span\u003e\n  \u003ca href=\"#-license\"\u003e💼 License\u003c/a\u003e\n\u003c/h4\u003e\n\nDohd (pron. doh-dee) is a minimalist DNS-over-HTTPS daemon that redirects all DoH queries\nto a traditional DNS server open to UDP queries.\n\n## Features\n\n- Support for RFC8484 DNS-over-HTTPS (POST and GET method) - HTTP/2\n- Record freshness derived from minimum TTL among answers\n- Optimized and readable C code below 1500 locs\n- Privacy focused, no logs are kept\n\n***\n# 💾 Install\n\nBuild system requirements: gcc or clang, GNU make\n\n1. Ensure that [wolfSSL](https://github.com/wolfssl/wolfssl) is\ninstalled on your system, and configured to support TLS 1.3 (configure\noption: `--enable-tls13` or simply `--enable-all`).\n\n2. Type `make`.\n\n3. Executable will be found in `./src/dohd`\n\n***\n# 🎮 Quick start\n\nCommands must be issued as root on the host machine.\n\nGenerate a fake local certificate for testing:\n\n```\nopenssl req -nodes -newkey rsa:4096 -keyout /etc/test.key -out /etc/test.csr \\\n    -subj \"/C=IT/ST=Rome/L=Rome/O=Local Host/OU=Testing Department/CN=example.com\" \\\n    \u0026\u0026 openssl x509 -req -sha256 -days 365 \\\n    -in /etc/test.csr -signkey /etc/test.key -out /etc/test.crt\n```\n\nCreate a dohd user and grant it access to certificates\n```\nadduser -D -H -s /bin/false dohd\nchown dohd:dohd /etc/test.*\n```\n\nStart dohd as root to proxy all queries to a public dns and drop privileges to dohd user\n\n```\ndohd -c /etc/test.crt -k /etc/test.key -p 8053 -d 8.8.8.8 -u dohd -F\n```\n\n***\n# 🔧 Configuration\n\nThere are several browsers compatible with DNS over HTTPS (DoH). The instructions below let you setup their connection to our demo server dns.dyne.org in order to protect your DNS queries from privacy intrusions and tampering.\n\n- [Mozilla Firefox](https://dyne.github.io/dohd/#/Configure?id=mozilla-firefox)\n- [Google Chrome](https://dyne.github.io/dohd/#/Configure?id=google-chrome)\n- [Microsoft Edge](https://dyne.github.io/dohd/#/Configure?id=microsoft-edge)\n- [Brave](https://dyne.github.io/dohd/#/Configure?id=brave)\n\n\n## dohd daemon\n\nCommandline options are few, help is shown using `-h`\n\n```\nUsage: dohd -c cert -k key [-p port] [-d dnsserver] [-F] [-u user] [-V] [-v] [-h]\n\n\t'cert' and 'key': certificate and its private key.\n\t'user' : login name (when running as root) to switch to (dropping permissions)\n\tDefault values: port=8053 dnsserver=\"::1\"\n\tUse '-h' for help\n\tUse '-V' to show version\n\tUse '-v' for verbose mode\n\tUse '-F' for foreground mode\n```\n\n- '-c *certificate*' - specifies which certificate for the TLS server. (Mandatory parameter)\n- '-k *private-key*' - specifies the private key used by the TLS server. (Mandatory parameter)\n- '-p *port*' - changes the listening port for the DoH service (default:8053)\n- '-u *user*' - drop root privileges after binding to the TCP port by switching user (mandatory when running as root)\n- '-F' - runs dohd in foreground (instead of creating a daemon)\n\n***\n# 😍 Acknowledgements\n\n      Authors: Daniele Lacamera \u003croot@danielinux.net\u003e\n               Denis \"Jaromil\" Roio \u003cjaromil@dyne.org\u003e\n\nThis software is provided \"as is\", without warranty of any kind,\nexpress or implied, including but not limited to the warranties of\nmerchantability, fitness for a particular purpose, title and\nnon-infringement. in no event shall the copyright holders or anyone\ndistributing the software be liable for any damages or other\nliability, whether in contract, tort or otherwise, arising from, out\nof or in connection with the software or the use or other dealings in\nthe software.\n\n***\n# 💼 License\n\nThis is free software: you can redistribute it and/or modify it under\nthe terms of the GNU Affero General Public License, as published by\nthe free Software Foundation.\n\ndohd is distributed in the hope that it will be useful, but WITHOUT\nANY WARRANTY; without even the implied warranty of MERCHANTABILITY or\nFITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License\nfor more details.\n\nYou should have received a copy of the GNU Affero General Public\nLicense along with dohd.  If not, see \u003chttp://www.gnu.org/licenses/\u003e.\nDohd is licensed under the terms of GNU Affero General Public License\n(GNU AGPL).  See COPYING for details.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdyne%2Fdohd","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdyne%2Fdohd","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdyne%2Fdohd/lists"}