A DNS over HTTPS (DoH) client written in elixir.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
dough/README.md

69 lines
2.2 KiB

# Dough
## Dough is a DoH (DNS Queries over HTTPS) server written in Elixir
This server was written to the IEFT Draft Spec
[draft-ietf-doh-dns-over-https-14](https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-14),
and has been tested and works flawlessly with Mozilla Firefox `trr`
configuration.
## Motivation
After Mozilla announced their DNS over HTTPS client, the Trusted Recursive
Resolver (TRR) in partnership with Cloudflare, it sparked a privacy outcry.
Many were upset that Mozilla was choosing to have an opt-out option that sends
all visited hostnames to a third-party US based corporation.
This has the potential to centralize DNS infrastructure further, and allows
monopolistic control over an even greater portion of internet traffic.
Users should have control over this feature, and be able to choose their DoH
proxy server from sources they actually trust.
## Running the server
You can compile and run a release by executing the following.
```
$ mix deps.get
$ MIX_ENV=prod mix release --env=prod
$ cp _build/prod/rel/dough/etc/dough.toml ~/.config
$ _build/prod/rel/dough/bin/dough foreground
██▄ ████▄ ▄ ▄▀ ▄ █
█ █ █ █ █ ▄▀ █ █
█ █ █ █ █ █ █ ▀▄ ██▀▀█
█ █ ▀████ █ █ █ █ █ █
███▀ █▄ ▄█ ███ █
▀▀▀ ▀
Starting Dough Server 0.1.0 ...
DNS Proxying to 37.235.1.174
```
Feel free to edit the config file at `~/.config/dough.toml` to configure it to
use your favourite DNS provider as the proxy. By default, it's configured to
use [OpenNIC](https://www.opennic.org/) DNS servers for maximum freedom (as in
birds).
## Configure Firefox
The quickest way to configure firefox is to visit `about:config`, then search
for `trr`, setting the following values:
```
# force TRR mode, disable normal DNS lookups
network.trr.mode;3
# set your DoH server address. You need to use an IP, not a domain name,
# otherwise you won't be able to look it up with mode 3 set.
network.trr.uri;https://127.0.0.1:8331/dns-query
# a domain firefox will resolve to make sure TRR works.
network.trr.confirmationNS;thurloat.com
```