18 lines
732 B
Markdown
18 lines
732 B
Markdown
|
# [`coredns`](https://git.dotya.ml/dotya.ml/coredns)
|
||
|
|
||
|
this repo contains configuration files for [CoreDNS](https://coredns.io/) set
|
||
|
up as a simple [DNS over TLS (DoT)](https://en.wikipedia.org/wiki/DNS_over_TLS)
|
||
|
forwarding resolver, that is relying on a locally running
|
||
|
[`dnscrypt-proxy`](https://github.com/DNSCrypt/dnscrypt-proxy) instance for any
|
||
|
and all queries.
|
||
|
|
||
|
since the `systemd` service runs under an unprivileged user (here coredns,
|
||
|
which doesn't by default have access to `/etc/letsencrypt`), certs need to be
|
||
|
supplied to `coredns` another way: `copycerts_coredns.{path,service,timer}`.
|
||
|
|
||
|
### TO DO
|
||
|
- [ ] automated deployment (preferably using `ansible` + `drone`)
|
||
|
|
||
|
### LICENSE
|
||
|
WTFPLv2, see [LICENSE](LICENSE) for details
|