# [`coredns`](https://git.dotya.ml/dotya.ml/coredns)

this repo contains configuration files for [CoreDNS](https://coredns.io/) set
up as a simple [DNS over TLS (DoT)](https://en.wikipedia.org/wiki/DNS_over_TLS)
forwarding resolver, that is relying on a locally running
[`dnscrypt-proxy`](https://github.com/DNSCrypt/dnscrypt-proxy) instance for any
and all queries.

since the `systemd` service runs under an unprivileged user (here coredns,
which doesn't by default have access to `/etc/letsencrypt`), certs need to be
supplied to `coredns` another way: `copycerts_coredns.{path,service,timer}`.

### TO DO
- [ ] automated deployment (preferably using `ansible` + `drone`)

### LICENSE
WTFPLv2, see [LICENSE](LICENSE) for details