mirror of
https://github.com/dnscrypt/dnscrypt-server-docker
synced 2024-11-22 19:42:03 +01:00
Sync encrypted-dns.toml.in and bump EDS version
This commit is contained in:
parent
5e1ce7605b
commit
03d780097a
@ -37,7 +37,7 @@ ENV RUSTFLAGS "-C link-arg=-s"
|
|||||||
RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS && \
|
RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS && \
|
||||||
curl -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain stable && \
|
curl -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain stable && \
|
||||||
export PATH="$HOME/.cargo/bin:$PATH" && \
|
export PATH="$HOME/.cargo/bin:$PATH" && \
|
||||||
echo "Compiling encrypted-dns version 0.3.8" && \
|
echo "Compiling encrypted-dns version 0.3.10" && \
|
||||||
cargo install encrypted-dns && \
|
cargo install encrypted-dns && \
|
||||||
mkdir -p /opt/encrypted-dns/sbin && \
|
mkdir -p /opt/encrypted-dns/sbin && \
|
||||||
mv ~/.cargo/bin/encrypted-dns /opt/encrypted-dns/sbin/ && \
|
mv ~/.cargo/bin/encrypted-dns /opt/encrypted-dns/sbin/ && \
|
||||||
|
@ -14,6 +14,13 @@
|
|||||||
## IP addresses and ports to listen to, as well as their external IP
|
## IP addresses and ports to listen to, as well as their external IP
|
||||||
## If there is no NAT involved, `local` and `external` can be the same.
|
## If there is no NAT involved, `local` and `external` can be the same.
|
||||||
## As many addresses as needed can be configured here, IPv4 and/or IPv6.
|
## As many addresses as needed can be configured here, IPv4 and/or IPv6.
|
||||||
|
## You should at least change the `external` IP address.
|
||||||
|
|
||||||
|
### Example with both IPv4 and IPv6 addresses:
|
||||||
|
# listen_addrs = [
|
||||||
|
# { local = "0.0.0.0:443", external = "198.51.100.1:443" },
|
||||||
|
# { local = "[::]:443", external = "[2001:db8::1]:443" }
|
||||||
|
# ]
|
||||||
|
|
||||||
listen_addrs = [
|
listen_addrs = [
|
||||||
@LISTEN_ADDRESSES@
|
@LISTEN_ADDRESSES@
|
||||||
@ -160,9 +167,24 @@ key_cache_capacity = 10000
|
|||||||
|
|
||||||
[filtering]
|
[filtering]
|
||||||
|
|
||||||
|
## List of domains to block, one per line
|
||||||
|
|
||||||
@DOMAIN_BLACKLIST_CONFIGURATION@
|
@DOMAIN_BLACKLIST_CONFIGURATION@
|
||||||
|
|
||||||
|
|
||||||
|
## List of undelegated TLDs
|
||||||
|
## This is the list of nonexistent TLDs that queries are frequently observed for,
|
||||||
|
## but will never resolve to anything. The server will immediately return a
|
||||||
|
## synthesized NXDOMAIN response instead of hitting root servers.
|
||||||
|
|
||||||
|
# undelegated_list = "/etc/undelegated.txt"
|
||||||
|
|
||||||
|
|
||||||
|
## Ignore A and AAAA queries for unqualified host names.
|
||||||
|
|
||||||
|
ignore_unqualified_hostnames = true
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#########################
|
#########################
|
||||||
# Metrics #
|
# Metrics #
|
||||||
@ -175,6 +197,7 @@ listen_addr = "@METRICS_ADDRESS@"
|
|||||||
path = "/metrics"
|
path = "/metrics"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
################################
|
################################
|
||||||
# Anonymized DNS #
|
# Anonymized DNS #
|
||||||
################################
|
################################
|
||||||
@ -187,6 +210,7 @@ enabled = @ANONDNS_ENABLED@
|
|||||||
|
|
||||||
|
|
||||||
# Allowed upstream ports
|
# Allowed upstream ports
|
||||||
|
# This is a list of commonly used ports for encrypted DNS services
|
||||||
|
|
||||||
allowed_ports = [ 443, 553, 853, 1443, 2053, 4343, 4434, 4443, 5353, 5443, 8443, 15353 ]
|
allowed_ports = [ 443, 553, 853, 1443, 2053, 4343, 4434, 4443, 5353, 5443, 8443, 15353 ]
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user