A DNS over HTTPS (DoH) client written in elixir.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Thurloat 75ed3bad0d better configuration, better README for releases 6 years ago
config better configuration, better README for releases 6 years ago
lib better configuration, better README for releases 6 years ago
priv/ssl rename project 6 years ago
rel add socket as application for disillery to pick up. 6 years ago
test rename project 6 years ago
.formatter.exs rename project 6 years ago
.gitignore rename project 6 years ago
LICENSE Add License, add some quick notes to README 6 years ago
README.md better configuration, better README for releases 6 years ago
mix.exs add distillery for releases 6 years ago
mix.lock bootstrap distillery release config 6 years ago

README.md

Dough

Dough is a DoH (DNS Queries over HTTPS) server written in Elixir

This server was written to the IEFT Draft Spec draft-ietf-doh-dns-over-https-14, and has been tested and works flawlessly with Mozilla Firefox trr configuration.

Motivation

After Mozilla announced their DNS over HTTPS client, the Trusted Recursive Resolver (TRR) in partnership with Cloudflare, it sparked a privacy outcry. Many were upset that Mozilla was choosing to have an opt-out option that sends all visited hostnames to a third-party US based corporation.

This has the potential to centralize DNS infrastructure further, and allows monopolistic control over an even greater portion of internet traffic.

Users should have control over this feature, and be able to choose their DoH proxy server from sources they actually trust.

Running the server

You can compile a release by running the following:

export REPLACE_OS_VARS=true
export MIX_ENV=prod 
mix release --env=prod

Then to run the server, you can supply your own DNS server via the DOUGH_DNS environment variable.

DOUGH_DNS="1.1.1.1" _build/prod/rel/dough/bin/dough foreground

Configure Firefox

The quickest way to configure firefox is to visit about:config, then search for trr, setting the following values:

# force TRR mode, disable normal DNS lookups
network.trr.mode;3

# set your DoH server address. You need to use an IP, not a domain name,
# otherwise you won't be able to look it up with mode 3 set.
network.trr.uri;https://127.0.0.1:8331/dns-query

# a domain firefox will resolve to make sure TRR works.
network.trr.confirmationNS;thurloat.com