# Dough

## Dough is a DoH (DNS Queries over HTTPS) server written in Elixir

This server was written to the IETF draft spec
[draft-ietf-doh-dns-over-https-14](https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-14),
and has been tested and works flawlessly with Mozilla Firefox `trr`
configuration.

## Motivation

Mozilla's announcement of its DNS over HTTPS client, the Trusted Recursive
Resolver (TRR), in partnership with Cloudflare sparked a privacy outcry.
Many were upset that Mozilla was choosing to have an opt-out option that sends
all visited hostnames to a third-party US-based corporation.

This has the potential to centralize DNS infrastructure further, and allows
monopolistic control over an even greater portion of internet traffic.

Users should have control over this feature, and be able to choose their DoH
proxy server from sources they actually trust.

## Running the server

Currently you can run the server with `mix run --no-halt`. A `distillery`
process to compile something nice is in the works.

## Configure Firefox

The quickest way to configure Firefox is to visit `about:config`, then search
for `trr` and set the following values:

```
# force TRR mode, disable normal DNS lookups
network.trr.mode;3

# set your DoH server address. You need to use an IP, not a domain name,
# otherwise you won't be able to look it up with mode 3 set.
network.trr.uri;https://127.0.0.1:8331/dns-query

# a domain Firefox will resolve to make sure TRR works.
network.trr.confirmationNS;thurloat.com
```
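
Because mode 3 disables normal DNS lookups, it helps to confirm that the server answers before applying these settings. The Python below is an added example, not part of Dough: it builds the wire-format query and the `?dns=` GET URL defined by the draft, and checks the header of a response. The helper names and the `cafile` parameter are assumptions; the URL and confirmation domain are the ones from the configuration above.

```python
import base64
import ssl
import struct
import urllib.request

DOH_URL = "https://127.0.0.1:8331/dns-query"  # value from the Firefox config above


def build_query(name, qtype=1):
    """DNS wire-format query; ID 0, as the DoH draft suggests for cacheability."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").encode("ascii").split(b".")
    if any(not 0 < len(lab) <= 63 for lab in labels):
        raise ValueError("each label must be 1-63 bytes")
    qname = b"".join(bytes([len(lab)]) + lab for lab in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # qtype, class IN


def get_url(base, message):
    """GET form: base64url of the message in ?dns=, with padding removed."""
    b64 = base64.urlsafe_b64encode(message).rstrip(b"=").decode("ascii")
    return f"{base}?dns={b64}"


def check_response(message):
    """Return (rcode, answer_count); reject anything that is not a response."""
    if len(message) < 12:
        raise ValueError("shorter than a DNS header")
    _id, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", message[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit not set: not a response")
    return flags & 0x000F, ancount


def send(name, base=DOH_URL, cafile=None):
    """Query the server over HTTPS; cafile is the CA that signed its certificate."""
    req = urllib.request.Request(get_url(base, build_query(name)),
                                 headers={"Accept": "application/dns-message"})
    ctx = ssl.create_default_context(cafile=cafile)
    with urllib.request.urlopen(req, context=ctx, timeout=5) as resp:
        if resp.headers.get_content_type() != "application/dns-message":
            raise ValueError("unexpected content type")
        return check_response(resp.read())


if __name__ == "__main__":
    print(get_url(DOH_URL, build_query("thurloat.com")))
```

An rcode of 0 with at least one answer from `send("thurloat.com", cafile=...)` indicates the server is resolving the confirmation domain.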