Skip to content

Sync upstream and add custom upstreams #78

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
3alpha wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Sync upstream and add custom upstreams #78

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
e74f342
bump upstream + add custom resolvers override
Apr 14, 2025
e111314
update plugin format
Jul 2, 2025
16d4e4b
Merge branch 'master' into 3alpha/refresh-and-sync-upstream
Jul 2, 2025
20ce3ee
Update readme
Jul 2, 2025
f025792
fix server formatting
Jul 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 30 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,32 @@
# Dappnode Bind Core Package

🌐 This package acts as the DNS proxy for the Dappnode Packages. It is required to access the services provided by the Dappnode Packages from the host machine connected to the Dappnode.
🌐 This package acts as the DNS proxy for the Dappnode Packages. When connected to DAppNode, all DNS requests from your device are first sent to this package. It resolves DAppNode-specific domains locally and forwards all other DNS queries to the configured upstream DNSCrypt resolvers, ensuring secure and private name resolution for both DAppNode services and general internet browsing.

## Environment Variables

### PUBLIC_RESOLVERS_OVERRIDE

The `PUBLIC_RESOLVERS_OVERRIDE` environment variable allows you to customize the DNSCrypt resolvers used by the package. By default, the package uses a curated list of reliable public resolvers:
- scaleway-fr
- commons-host
- dnscrypt.me
- cloudflare

You can override these defaults by providing a comma-separated list of resolver names. For example:
```
PUBLIC_RESOLVERS_OVERRIDE=quad9,adguard-dns,google
```

#### DNSCrypt Features

The DNS proxy in this package uses DNSCrypt-proxy with the following security features enabled:

- **DNSCrypt and DNS-over-HTTPS (DoH)**: Supports both DNSCrypt and DoH protocols for encrypted DNS queries
- **No-logging Policy**: Only uses resolvers that pledge not to log user queries
- **No-filter Policy**: Uses resolvers that don't enforce their own blocklists
- **IPv4 Support**: Compatible with IPv4 networks
- **TCP/UDP Support**: Uses UDP by default for better performance, with TCP fallback available

The proxy is configured to handle up to 250 simultaneous client connections and listens on all interfaces (0.0.0.0:53).

For a full list of available public resolvers that can be used with `PUBLIC_RESOLVERS_OVERRIDE`, visit: https://dnscrypt.info/public-servers
4 changes: 2 additions & 2 deletions bind/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM golang:1.21.5-alpine3.18 AS builder
FROM golang:1.24.1-alpine3.21 AS builder

ARG UPSTREAM_VERSION

Expand All @@ -20,7 +20,7 @@ RUN cd ${SRC_DIR} && \
CGO_ENABLED=0 go build -mod vendor -ldflags="-s -w" -o /usr/local/bin/dnscrypt-proxy && \
chmod +x /usr/local/bin/dnscrypt-proxy

FROM alpine:3.18
FROM alpine:3.21

WORKDIR /app

Expand Down
Loading