DNS Over HTTP Container Image
APACHE-2.0 License
This Docker image provides a DNS Over HTTP (DOH) service, designed to enhance privacy and security by encrypting DNS queries. It supports custom upstream DNS servers and execution of custom scripts. The image is compatible with various architectures including linux/amd64, linux/arm64, and linux/arm/v7. It offers both Alpine and Ubuntu based images for flexibility.
Using DNS Over HTTP offers several advantages:
docker run -itd --name doh-server \
    -p 8053:8053 \
    -e UPSTREAM_DNS_SERVER=udp:208.67.222.222:53 \
    satishweb/doh-server
version: '2.2'
networks:
  default:
services:
  doh-server:
    image: satishweb/doh-server
    hostname: doh-server
    networks:
      - default
    environment:
      DEBUG: "0"
      # Upstream DNS server: proto:host:port
      # We are using OpenDNS DNS servers as default,
      # Here is the list of addresses: https://use.opendns.com/
      UPSTREAM_DNS_SERVER: "udp:208.67.222.222:53"
      DOH_HTTP_PREFIX: "/getnsrecord"
      DOH_SERVER_LISTEN: ":8053"
      DOH_SERVER_TIMEOUT: "10"
      DOH_SERVER_TRIES: "3"
      DOH_SERVER_VERBOSE: "true"
      # You can add more variables here or as docker secret and entrypoint
      # script will replace them inside doh-server.conf file
    volumes:
      # - ./doh-server.conf:/server/doh-server.conf
      # Mount app-config script with your customizations
      # - ./app-config:/app-config
    deploy:
      replicas: 1
      # placement:
      #   constraints:
      #     - node.labels.type == worker
brew install colima
colima start --cpu 8 --memory 16 --disk 150
docker context use colima
brew install colima
colima start --arch x86_64 --cpu 8 --memory 16 --disk 150 -p buildx
docker context use colima-buildx
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
docker buildx create --use
docker buildx inspect --bootstrap
docker build . --no-cache -t satishweb/doh-server -f Dockerfile.alpine
docker pull satishweb/doh-server
Follow these steps to set up DOH Server on Linux, Mac, or Raspberry Pi in minutes using Docker Compose.
wget https://github.com/satishweb/docker-doh/archive/v2.3.6.zip
unzip v2.3.6.zip
cp -rf docker-doh-2.3.6/examples/docker-compose-doh-server doh-server
rm -rf v2.3.6.zip docker-doh-2.3.6
cd doh-server
Copy env.sample.conf to env.conf and update the environment variables:
EMAIL=[email protected]
DOMAIN=example.com
SUBDOMAIN=dns
AWS_ACCESS_KEY_ID=AKIKJ_CHANGE_ME_FKGAFVA
AWS_SECRET_ACCESS_KEY=Nx3yKjujG8kjj_CHANGE_ME_Z/FnMjhfJHFvEMRY3
AWS_REGION=us-east-1
AWS_HOSTED_ZONE_ID=Z268_CHANGE_ME_IQT2CE6
./launch.sh
mkdir -p data/unbound/custom
vi data/unbound/custom/custom.hosts
https://dns.example.com/getnsrecord
curl -w '\n' 'https://dns.example.com/getnsrecord?name=google.com&type=A'
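The curl check above can be scripted so a deployment is verified the same way every time. The following is an added example, not part of the original image or its repository: the function names are hypothetical, the reply fields (Status, TC, Question, Answer) assume the server returns the common JSON DNS reply layout, and the sample reply is constructed.

```python
import json
import urllib.parse
import urllib.request

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
TYPES = {"A": 1, "CNAME": 5, "AAAA": 28}

# Constructed sample reply (192.0.2.10 is a documentation address).
SAMPLE = json.dumps({
    "Status": 0, "TC": False,
    "Question": [{"name": "google.com.", "type": 1}],
    "Answer": [{"name": "google.com.", "type": 1, "TTL": 300, "data": "192.0.2.10"}],
})

def doh_url(host, prefix, name, rtype="A"):
    """Build the query URL in the same shape as the page's curl command."""
    return f"https://{host}{prefix}?" + urllib.parse.urlencode({"name": name, "type": rtype})

def check_answer(body, name, rtype="A"):
    """Validate a JSON reply body; return (ok, reason, records)."""
    try:
        reply = json.loads(body)
    except ValueError:
        return False, "not JSON (wrong prefix or proxy error page?)", []
    if not isinstance(reply, dict):
        return False, "unexpected JSON shape", []
    status = reply.get("Status")
    if status != 0:
        return False, "rcode " + RCODES.get(status, str(status)), []
    if reply.get("TC"):
        return False, "truncated reply", []
    asked = [q.get("name", "").rstrip(".").lower() for q in reply.get("Question") or []]
    if name.rstrip(".").lower() not in asked:
        return False, "question does not match the name queried", []
    records = [a.get("data") for a in reply.get("Answer") or []
               if a.get("type") == TYPES[rtype]]
    return (True, "ok", records) if records else (False, f"no {rtype} records", [])

def query(host, prefix, name, rtype="A", timeout=5):
    """Live check. urllib verifies the certificate chain, so a proxy that is
    still serving a self-signed certificate raises URLError here."""
    with urllib.request.urlopen(doh_url(host, prefix, name, rtype), timeout=timeout) as resp:
        return check_answer(resp.read().decode(), name, rtype)

if __name__ == "__main__":
    print(doh_url("dns.example.com", "/getnsrecord", "google.com"))
    print(check_answer(SAMPLE, "google.com"))
```

Call query("dns.example.com", "/getnsrecord", "google.com") against a running deployment; the prefix must match DOH_HTTP_PREFIX.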
If a proxy is still running with a self-signed certificate:
data/proxy/certs/acme.json contents.
docker-compose.yml.
If unable to bind port 53 for unbound service:
systemd-resolved service: sudo service systemd-resolved stop; sudo apt-get -y purge systemd-resolved
If unable to bind ports 80 and 443 for proxy service:
Docker-compose configuration with IPV6 support will be added in the future.
Configure your router's DHCP settings to point to your DOH server's IP address.
Install Cloudflared for Linux, Mac, or Windows. Set your DOH server as upstream for Cloudflared as follows:
/usr/local/etc/cloudflared/config.yml
/usr/local/etc/cloudflared/config.yaml
proxy-dns: true