Limour

Limour

临床医学在读。
HomeArchivesAListUptime

[Record] Building an Ad-free DoH Server

#DoH#adguard352
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
This is a set of instructions for deploying a reverse proxy service called AdGuard. It involves creating a directory, editing a configuration file, and running a Docker container. The instructions also include configuring DNS and DoH settings, as well as setting up a token for secure access.

Deployment#

mkdir -p ~/app/adguard && cd ~/app/adguard && nano docker-compose.yml
sudo docker-compose up -d # Panel port 3000
# /opt/adguardhome/letsencrypt/live/npm-1/fullchain.pem
# /opt/adguardhome/letsencrypt/live/npm-1/privkey.pem
sed -i 's/allow_unencrypted_doh: false/allow_unencrypted_doh: true/' ./conf/AdGuardHome.yaml && sudo docker-compose restart

version: '3.3'
services:
  adguard:
    restart: unless-stopped
    volumes:
      - './work:/opt/adguardhome/work'
      - './conf:/opt/adguardhome/conf'
      - '/root/base/NGPM/letsencrypt:/opt/adguardhome/letsencrypt'
      - '/etc/localtime:/etc/localtime:ro'
    image: adguard/adguardhome:latest
 
networks:
  default:
    external: true
    name: ngpm

image

DNS Settings#

  • Navigation Bar-Settings-DNS Settings
  • Enable DNSSEC in DNS service configuration

image
image

DoH Settings#

  • Navigation Bar-Settings-DNS Settings
  • Enable encryption in Encryption
  • The certificate can be set to the automatically applied certificate by npm
  • Reverse proxy /dns-query, keep the token confidential and do not leak it
  • There is no / after token, and there is a / after dns-query
  • Fill in https://my.com/token in Chrome's Settings-Privacy and Security-Security-DNS
  • Go back to the dashboard and see if there are any DNS queries recorded

image

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.