Hey, the wiki here Encrypted DNS - NixOS Wiki show how to use dnscrypt-proxy with public servers but how doesn’t explain how to use the anonymized dns features from dnscrypt-proxy can someone show me how to do it please ?
This link should help. Anonymized DNS · DNSCrypt/dnscrypt-proxy Wiki · GitHub
In the services.dnscrypt-proxy2.settings you can just configure the dns to use the servers you want for anonmyzed dns.
You’ll also need to set up your relays as shown here. The config for anonymized dns is also shown here.
Hi, can you tell me if the following example is correct ?
services.dnscrypt-proxy2 = {
enable = true;
settings = {
require_dnssec = true;
ipv4_servers = true;
require_nolog = true;sources.relays = { urls = [ "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/relays.md" "https://download.dnscrypt.info/resolvers-list/v3/relays.md" ]; cache_file = "/var/lib/dnscrypt-proxy2/relays.md"; minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; }; anonymized_dns = { routes = [ { server_name = "X"; via = [ "X" "X" ]; } ]; }; };};
systemd.services.dnscrypt-proxy2.serviceConfig = {
StateDirectory = “dnscrypt-proxy”;
};
}
I think you also need to specify a resolvers list. dnscrypt-proxy/dnscrypt-proxy/example-dnscrypt-proxy.toml at 7fba32651bdfb191a5e531d37b01eb2c39d4f84a · DNSCrypt/dnscrypt-proxy · GitHub
The server_name in the route will be from the resolver list, and the via will be from the relay list. The server_name has to be a dnscrypt server, not a dns over https server.
I haven’t done this personally, but I think that should work.