dough/README.md

# Dough

## Dough is a DoH (DNS Queries over HTTPS) server written in Elixir

This server was written to the IEFT Draft Spec
[draft-ietf-doh-dns-over-https-14](https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-14),
and has been tested and works flawlessly with Mozilla Firefox `trr` 
configuration.

## Motivation

After Mozilla announced their DNS over HTTPS client, the Trusted Recursive
Resolver (TRR) in partnership with Cloudflare, it sparked a privacy outcry.
Many were upset that Mozilla was choosing to have an opt-out option that sends
all visited hostnames to a third-party US based corporation.

This has the potential to centralize DNS infrastructure further, and allows
monopolistic control over an even greater portion of internet traffic.

Users should have control over this feature, and be able to choose their DoH
proxy server from sources they actually trust.

## Running the server

You can compile and run a release by executing the following.

```
$ mix deps.get

$ MIX_ENV=prod mix release --env=prod

$ cp _build/prod/rel/dough/etc/dough.toml ~/.config

$ _build/prod/rel/dough/bin/dough foreground
```

Feel free to edit the config file at `~/.config/dough.toml` to configure it to
use your favourite DNS provider as the proxy. By default, it's configured to
use [OpenNIC](https://www.opennic.org/) DNS servers for maximum freedom (as in
birds).

## Configure Firefox

The quickest way to configure firefox is to visit `about:config`, then search
for `trr`, setting the following values:

```
# force TRR mode, disable normal DNS lookups
network.trr.mode;3

# set your DoH server address. You need to use an IP, not a domain name,
# otherwise you won't be able to look it up with mode 3 set.
network.trr.uri;https://127.0.0.1:8331/dns-query

# a domain firefox will resolve to make sure TRR works.
network.trr.confirmationNS;thurloat.com
```