https://github.com/publicarray/dns-resolver-infra
Privacy DNS infrastructure
https://github.com/publicarray/dns-resolver-infra
dns dns-over-https dns-over-tls dns-privacy dns-resolver dnscrypt dnscrypt-wrapper dnssec docker docker-swarm doh dot haproxy kubernetes nsd opennic privacy rust-doh unbound
Last synced: 2 months ago
JSON representation
Privacy DNS infrastructure
- Host: GitHub
- URL: https://github.com/publicarray/dns-resolver-infra
- Owner: publicarray
- License: gpl-3.0
- Created: 2018-05-01T13:03:30.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2024-05-13T09:31:50.000Z (about 1 year ago)
- Last Synced: 2025-03-09T23:04:18.103Z (4 months ago)
- Topics: dns, dns-over-https, dns-over-tls, dns-privacy, dns-resolver, dnscrypt, dnscrypt-wrapper, dnssec, docker, docker-swarm, doh, dot, haproxy, kubernetes, nsd, opennic, privacy, rust-doh, unbound
- Language: Shell
- Homepage: https://dns.seby.au
- Size: 1.42 MB
- Stars: 52
- Watchers: 9
- Forks: 8
- Open Issues: 0
-
Metadata Files:
- Readme: Readme.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README
# DNS Resolver Infrastructure
## Infrastructure Overview
[](https://github.com/publicarray/dns-resolver-infra/actions?workflow=dnscrypt-server)
[](https://github.com/publicarray/dns-resolver-infra/actions?workflow=doh-proxy)
[](https://github.com/publicarray/dns-resolver-infra/actions?workflow=haproxy)
[](https://github.com/publicarray/dns-resolver-infra/actions?workflow=m13253-doh)
[](https://github.com/publicarray/dns-resolver-infra/actions?workflow=nsd)
[](https://github.com/publicarray/dns-resolver-infra/actions?workflow=unbound)
* [acme.sh](https://github.com/Neilpang/acme.sh) (TLS certificate generation for haproxy)
* [nsd](https://www.nlnetlabs.nl/projects/nsd/) ([OpenNIC](https://www.opennic.org/)) [](https://hub.docker.com/r/publicarray/nsd/) [](https://microbadger.com/images/publicarray/nsd)
* [unbound](https://unbound.nlnetlabs.nl/) (DNS Resolver) [](https://hub.docker.com/r/publicarray/unbound/) [](https://microbadger.com/images/publicarray/unbound)
* [dnscrypt-server](https://github.com/jedisct1/encrypted-dns-server) (dnscrypt) [](https://hub.docker.com/r/publicarray/dnscrypt-server/) [](https://microbadger.com/images/publicarray/dnscrypt-server)
* [doh-proxy](https://github.com/jedisct1/rust-doh) [](https://hub.docker.com/r/publicarray/doh-proxy/) [](https://microbadger.com/images/publicarray/doh-proxy) or [m13253-doh](https://github.com/m13253/dns-over-https) [](https://hub.docker.com/r/publicarray/m13253-doh/) 
* [haproxy](http://www.haproxy.org/) (DNS-over-HTTPS) [](https://hub.docker.com/r/publicarray/haproxy/) [](https://microbadger.com/images/publicarray/haproxy)
* [haproxy](http://www.haproxy.org/) (DNS-over-TLS) [](https://hub.docker.com/r/publicarray/haproxy/) [](https://microbadger.com/images/publicarray/haproxy)
## Getting started
### Quick start**
```sh
pacman -S docker docker-composer docker-buildx
git clone https://github.com/publicarray/dns-resolver-infra.git && cd dns-resolver-infra
# Add Cloudflare cedentials for acme.sh / TLS certificates
echo 'CF_TOKEN=xxxx' >> .env
echo 'CF_ACCOUNT_ID=xxxx' >> .env
echo 'CF_ZONE_ID=xxxx' >> .env
./deploy.sh
```
### Docker Compose
```sh
# Build Images or pull them:
docker-compose pull
# Add Cloudflare cedentials for acme.sh / TLS certificates
echo 'CF_TOKEN=xxxx' >> .env
echo 'CF_ACCOUNT_ID=xxxx' >> .env
echo 'CF_ZONE_ID=xxxx' >> .env
# # Setup CA
# docker-compose run acme --register-account -m [email protected]
# # or
# docker-compose run acme.sh --set-default-ca --server letsencrypt
# Launch
docker-compose up -d
```
* [Usage with Docker-Swarm](docker.md)
* [Usage with Kubernetes](kube.md)
### sysctl
```
sysctl net.ipv4.tcp_congestion_control=bbr
```
### Tests
```
npm i --legacy-peer-deps
./lint.sh
npm run bats tests
./test.sh
```
###