coredns/README.md

# [`coredns`](https://git.dotya.ml/dotya.ml/coredns)

this repo contains configuration files for [CoreDNS](https://coredns.io/) set
up as a simple [DNS over TLS (DoT)](https://en.wikipedia.org/wiki/DNS_over_TLS)
forwarding resolver, that is relying on a locally running
[`dnscrypt-proxy`](https://github.com/DNSCrypt/dnscrypt-proxy) instance for any
and all queries.

since the `systemd` service runs under an unprivileged user (here coredns,
which doesn't by default have access to `/etc/letsencrypt`), certs need to be
supplied to `coredns` another way: `copycerts_coredns.{path,service,timer}`.

### TO DO
- [ ] automated deployment (preferably using `ansible` + `drone`)

### LICENSE
WTFPLv2, see [LICENSE](LICENSE) for details
initial commit 2022-08-26 02:52:21 +02:00			# [`coredns`](https://git.dotya.ml/dotya.ml/coredns)

			`this repo contains configuration files for [CoreDNS](https://coredns.io/) set`
			`up as a simple [DNS over TLS (DoT)](https://en.wikipedia.org/wiki/DNS_over_TLS)`
			`forwarding resolver, that is relying on a locally running`
			[`dnscrypt-proxy`](https://github.com/DNSCrypt/dnscrypt-proxy) instance for any
			`and all queries.`

			since the `systemd` service runs under an unprivileged user (here coredns,
			which doesn't by default have access to `/etc/letsencrypt`), certs need to be
			supplied to `coredns` another way: `copycerts_coredns.{path,service,timer}`.

			`### TO DO`
			- [ ] automated deployment (preferably using `ansible` + `drone`)

			`### LICENSE`
			`WTFPLv2, see [LICENSE](LICENSE) for details`