1
1
mirror of https://github.com/dnscrypt/dnscrypt-server-docker synced 2024-11-22 23:51:59 +01:00

Sync encrypted-dns.toml.in and bump EDS version

This commit is contained in:
Frank Denis 2019-12-11 15:17:48 +01:00
parent 5e1ce7605b
commit 03d780097a
2 changed files with 25 additions and 1 deletions

@ -37,7 +37,7 @@ ENV RUSTFLAGS "-C link-arg=-s"
RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS && \ RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS && \
curl -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain stable && \ curl -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain stable && \
export PATH="$HOME/.cargo/bin:$PATH" && \ export PATH="$HOME/.cargo/bin:$PATH" && \
echo "Compiling encrypted-dns version 0.3.8" && \ echo "Compiling encrypted-dns version 0.3.10" && \
cargo install encrypted-dns && \ cargo install encrypted-dns && \
mkdir -p /opt/encrypted-dns/sbin && \ mkdir -p /opt/encrypted-dns/sbin && \
mv ~/.cargo/bin/encrypted-dns /opt/encrypted-dns/sbin/ && \ mv ~/.cargo/bin/encrypted-dns /opt/encrypted-dns/sbin/ && \

@ -14,6 +14,13 @@
## IP addresses and ports to listen to, as well as their external IP ## IP addresses and ports to listen to, as well as their external IP
## If there is no NAT involved, `local` and `external` can be the same. ## If there is no NAT involved, `local` and `external` can be the same.
## As many addresses as needed can be configured here, IPv4 and/or IPv6. ## As many addresses as needed can be configured here, IPv4 and/or IPv6.
## You should at least change the `external` IP address.
### Example with both IPv4 and IPv6 addresses:
# listen_addrs = [
# { local = "0.0.0.0:443", external = "198.51.100.1:443" },
# { local = "[::]:443", external = "[2001:db8::1]:443" }
# ]
listen_addrs = [ listen_addrs = [
@LISTEN_ADDRESSES@ @LISTEN_ADDRESSES@
@ -160,9 +167,24 @@ key_cache_capacity = 10000
[filtering] [filtering]
## List of domains to block, one per line
@DOMAIN_BLACKLIST_CONFIGURATION@ @DOMAIN_BLACKLIST_CONFIGURATION@
## List of undelegated TLDs
## This is the list of nonexistent TLDs that queries are frequently observed for,
## but will never resolve to anything. The server will immediately return a
## synthesized NXDOMAIN response instead of hitting root servers.
# undelegated_list = "/etc/undelegated.txt"
## Ignore A and AAAA queries for unqualified host names.
ignore_unqualified_hostnames = true
######################### #########################
# Metrics # # Metrics #
@ -175,6 +197,7 @@ listen_addr = "@METRICS_ADDRESS@"
path = "/metrics" path = "/metrics"
################################ ################################
# Anonymized DNS # # Anonymized DNS #
################################ ################################
@ -187,6 +210,7 @@ enabled = @ANONDNS_ENABLED@
# Allowed upstream ports # Allowed upstream ports
# This is a list of commonly used ports for encrypted DNS services
allowed_ports = [ 443, 553, 853, 1443, 2053, 4343, 4434, 4443, 5353, 5443, 8443, 15353 ] allowed_ports = [ 443, 553, 853, 1443, 2053, 4343, 4434, 4443, 5353, 5443, 8443, 15353 ]