noot
This commit is contained in:
parent
f178ffe732
commit
1040c0831a
106
ansible/\
Normal file
106
ansible/\
Normal file
@ -0,0 +1,106 @@
|
||||
<!doctype html>
|
||||
<html>
|
||||
<head>
|
||||
<title>mydns</title>
|
||||
<link rel="apple-touch-icon" sizes="180x180" href="/static/apple-touch-icon.png">
|
||||
<link rel="icon" type="image/png" sizes="32x32" href="/static/favicon-32x32.png">
|
||||
<link rel="icon" type="image/png" sizes="16x16" href="/static/favicon-16x16.png">
|
||||
<link rel="manifest" href="/static/site.webmanifest">
|
||||
<link rel="stylesheet" href="/static/normalize.css" type="text/css">
|
||||
<link rel="stylesheet" href="/static/tacit.min.css" type="text/css">
|
||||
</head>
|
||||
<body>
|
||||
<section>
|
||||
<header>
|
||||
<nav>
|
||||
<h1>mydns.gay</h1>
|
||||
</nav>
|
||||
</header>
|
||||
<article>
|
||||
<p>
|
||||
this is my anonymous dns server. you are free to use it, but just letting you know, this is mine, so it only really has features i care about.
|
||||
</p>
|
||||
<p>
|
||||
the only thing i record are long-term metrics, for the health of the service.
|
||||
</p>
|
||||
<p>
|
||||
it's meant to preserve my privacy (along with anyone who is using its).
|
||||
in large, my goal is to avoid my dns data being sold to advertisers.
|
||||
</p>
|
||||
</article>
|
||||
<article>
|
||||
<h3>endpoints</h3>
|
||||
<p>
|
||||
<table>
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>type</th>
|
||||
<th>endpoint</th>
|
||||
<th>additional info</th>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
DoH/DoH3
|
||||
</td>
|
||||
<td>
|
||||
<code>https://mydns.gay/dns-query</code>
|
||||
</td>
|
||||
<td>
|
||||
via ip4/ ipv6.
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
DNS / DoT (IPv4)
|
||||
</td>
|
||||
<td>
|
||||
<code>172.232.13.191</code>
|
||||
</td>
|
||||
<td>
|
||||
SNI for TLS is <code>mydns.gay</code>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
<tr>
|
||||
<td>
|
||||
DNS / DoT (IPv6)
|
||||
</td>
|
||||
<td>
|
||||
<code> 2600:3c06::f03c:94ff:fe68:afad</code>
|
||||
</td>
|
||||
<td>
|
||||
SNI for TLS is <code>mydns.gay</code>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</p>
|
||||
</article>
|
||||
<!--
|
||||
<article>
|
||||
<h3>information</h3>
|
||||
</article>
|
||||
-->
|
||||
<article>
|
||||
<h3>information</h3>
|
||||
<p>
|
||||
the server is in linode ORD datacenter. if i believe that linode one day is unfit to run this service, i will switch.
|
||||
</p>
|
||||
<p>
|
||||
i'm really lazy, so the truth is, this is made from patching together a bunch of open source tools
|
||||
<ul>
|
||||
<li><a href="https://github.com/caddyserver/caddy">caddy (https routing, H3)</a></li>
|
||||
<li><a href="https://github.com/PowerDNS/pdns">dnsdist (dns load balancer)</a></li>
|
||||
<li><a href="https://github.com/semihalev/sdns">sdns (recursive resolver)</a></li>
|
||||
<li><a href="https://github.com/ansible/ansible">ansible (setup & config management)</a></li>
|
||||
<li><a href="https://debian.org">debian (host)</a></li>
|
||||
<li><a href="https://github.com/VictoriaMetrics/VictoriaMetrics">victoriametrics (metrics)</a></li>
|
||||
<li><a href="https://github.com/prometheus/prometheus">prometheus (metrics)</a></li>
|
||||
<li><a href="https://github.com/grafana/grafana">grafana (metrics)</a></li>
|
||||
</ul>
|
||||
</p>
|
||||
|
||||
</article>
|
||||
</section>
|
||||
|
||||
</body>
|
||||
</html>
|
@ -20,21 +20,13 @@
|
||||
<p>
|
||||
this is my anonymous dns server. you are free to use it, but just letting you know, this is mine, so it only really has features i care about.
|
||||
</p>
|
||||
<p>
|
||||
the only thing i record are long-term metrics, for the health of the service.
|
||||
</p>
|
||||
<p>
|
||||
it's meant to preserve my privacy (along with anyone who is using its).
|
||||
in large, my goal is to avoid my dns data being sold to advertisers.
|
||||
</p>
|
||||
<p>
|
||||
the only thing i record are long-term metrics, for the health of the service.
|
||||
|
||||
the server is in linode ORD datacenter. if i believe that linode one day is unfit to run this service, i will switch.
|
||||
</p>
|
||||
<p>
|
||||
software used: <ul>
|
||||
<li><a href="https://github.com/ansible/ansible">ansible</a></li>
|
||||
<li><a href="https://github.com/PowerDNS/pdns">dnsdist</a></li>
|
||||
</ul>
|
||||
</p>
|
||||
</article>
|
||||
<article>
|
||||
<h3>endpoints</h3>
|
||||
@ -54,42 +46,48 @@
|
||||
<code>https://mydns.gay/dns-query</code>
|
||||
</td>
|
||||
<td>
|
||||
via ip4, ipv6. TLS powered by <a href="https://github.com/caddyserver/caddy">caddy</a>
|
||||
via ip4/ipv6.
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
DNS
|
||||
DNS (IPv4)
|
||||
</td>
|
||||
<td>
|
||||
<code>172.232.13.191</code> / <code>mydns.gay</code>
|
||||
<code>172.232.13.191</code>
|
||||
</td>
|
||||
<td>
|
||||
port 53
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
DNS (ipv6)
|
||||
DNS (IPv6)
|
||||
</td>
|
||||
<td>
|
||||
<code>
|
||||
2600:3c06::f03c:94ff:fe68:afad
|
||||
</code> / <code>mydns.gay</code>
|
||||
<code>[2600:3c06::f03c:94ff:fe68:afad]</code>
|
||||
</td>
|
||||
<td>
|
||||
port 53
|
||||
</td>
|
||||
</tr>
|
||||
<td>
|
||||
DNS over TLS/DoQ (IPv4)
|
||||
</td>
|
||||
<td>
|
||||
<code>172.232.13.191:853</code>
|
||||
</td>
|
||||
<td>
|
||||
SNI for TLS is <code>mydns.gay</code>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
DoT
|
||||
DNS over TLS/DoQ (IPv6)
|
||||
</td>
|
||||
<td>
|
||||
<code>172.232.13.191:853</code> / <code>mydns.gay:853</code>
|
||||
<code>[2600:3c06::f03c:94ff:fe68:afad]:853</code>
|
||||
</td>
|
||||
<td>
|
||||
Dns over TLS
|
||||
SNI for TLS is <code>mydns.gay</code>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
@ -101,6 +99,27 @@
|
||||
<h3>information</h3>
|
||||
</article>
|
||||
-->
|
||||
<article>
|
||||
<h3>information</h3>
|
||||
<p>
|
||||
the server is in linode ORD datacenter. if i believe that linode one day is unfit to run this service, i will switch.
|
||||
</p>
|
||||
<p>
|
||||
i'm really lazy, so the truth is, this is made from patching together a bunch of open source tools
|
||||
<ul>
|
||||
<li><a href="https://github.com/caddyserver/caddy">caddy (https routing, H3)</a></li>
|
||||
<li><a href="https://github.com/PowerDNS/pdns">dnsdist (dns load balancer)</a></li>
|
||||
<li><a href="https://github.com/semihalev/sdns">sdns (recursive resolver)</a></li>
|
||||
<li><a href="https://github.com/ansible/ansible">ansible (setup & config management)</a></li>
|
||||
<li><a href="https://debian.org">debian (host)</a></li>
|
||||
<li><a href="https://github.com/VictoriaMetrics/VictoriaMetrics">victoriametrics (metrics)</a></li>
|
||||
<li><a href="https://github.com/prometheus/prometheus">prometheus (metrics)</a></li>
|
||||
<li><a href="https://github.com/grafana/grafana">grafana (metrics)</a></li>
|
||||
</ul>
|
||||
</p>
|
||||
|
||||
</article>
|
||||
</section>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
@ -22,9 +22,15 @@ addAction(MaxQPSIPRule(5, 32, 48, 20), DelayAction(100))
|
||||
webserver("127.0.0.1:6060")
|
||||
setWebserverConfig({ statsRequireAuthentication=false })
|
||||
setLocal("0.0.0.0:53")
|
||||
|
||||
-- proxied by caddy
|
||||
addDOHLocal("127.0.0.1:8053", nil, nil, "/dns-query", { reusePort=true, trustForwardedForHeader=true })
|
||||
|
||||
addTLSLocal('0.0.0.0:853', tls_cert_crt, tls_cert_key)
|
||||
addTLSLocal('[::]:853', tls_cert_crt, tls_cert_key)
|
||||
|
||||
addDOQLocal('0.0.0.0:853', tls_cert_crt, tls_cert_key)
|
||||
addDOQLocal('[::]:853', tls_cert_crt, tls_cert_key)
|
||||
|
||||
addACL('0.0.0.0/0')
|
||||
addACL('::/0')
|
||||
|
Loading…
Reference in New Issue
Block a user