A DNS server container which utilises several anonymised, non-logging, non-filtering DNS over HTTPS servers by utilizing DNSCrypt Proxy (https://github.com/jedisct1/dnscrypt-proxy, https://dnscrypt.info/).
In this config, tcp and udp port 53 must be free on the host:
docker run -dt --dns 127.0.0.1 -p 53:53/udp 53:53/tcp --name dnscrypt-proxy --restart unless-stopped modem7/dnscrypt-proxyservices:
#DNSCrypt-Proxy - Non-caching, Non-logging, DNSSEC DNS Resolver
dnscrypt-proxy:
image: modem7/dnscrypt-proxy:latest
container_name: Dnscrypt-proxy
hostname: DNSCrypt
dns:
- 127.0.0.1
ports:
- "53:53"
volumes:
#- $USERDIR/DNSCrypt/dnscrypt-proxy.toml:/etc/dnscrypt-proxy/dnscrypt-proxy.toml # Uncomment if you want to define your own dnscrypt-proxy.toml file
- /etc/localtime:/etc/localtime:ro
restart: always
mem_limit: 100m
mem_reservation: 30m| Variable | Description | Default |
|---|---|---|
| LOG_LEVEL | Log level (0-6, default: 2 - 0 is very verbose, 6 only contains fatal errors) | 2 |
| TZ | Timezone | Europe/London |
If you want to modify the server list being used or other parameters you can clone the repo, modify the configuration files, build your own image, and run from that build.
Alternatively: Uncomment the value in volumes to substitute your own local configuration.
Clone Repo: git clone https://github.com/modem7/Dnscrypt-Proxy.git
Modify DNSCrypt-Proxy config: dnscrypt/dnscrypt-proxy.toml
Modify servers to meet your needs, adjust other params if desired. For more detail around those settings, see: https://github.com/jedisct1/dnscrypt-proxy/wiki/Configuration-Sources
Run the build:
docker build -f dnscrypt-proxy/Dockerfile dnscrypt-proxy/ -t dnscrypt-proxy-buildRun a container from the build:
docker run -dt --dns 127.0.0.1 -p 53:53/udp -p 53:53/tcp --name dnscrypt-proxy --restart unless-stopped dnscrypt-proxy-buildIf you run into issues after updating, remove the container and volume and recreate to get the latest config