initial commit

2020-10-10 11:46:29 -05:00 · 2020-10-10 11:46:29 -05:00 · 3653654efc
commit 3653654efc
6 changed files with 85 additions and 0 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,4 @@
+*
+!dnscrypt-proxy.toml
+!cloaking-rules.txt
+!forwarding-rules.txt
--- a/7
+++ b/7
@ -0,0 +1,7 @@
+FROM alpine:3.12
+
+RUN apk add --no-cache dnscrypt-proxy
+ADD . /data
+WORKDIR /data
+
+CMD dnscrypt-proxy
--- a/21
+++ b/21
@ -0,0 +1,21 @@
+pipeline {
+  agent any
+  stages {
+    stage('build') {
+      steps {
+        checkout scm
+        script {
+          sh 'git rev-parse HEAD > commit'
+          def gitCommit = readFile('commit').trim()
+          def registryHost = "registry.terrible.network"
+          def imageName = "${registryHost}/terribleplan/doh-stub-dnscrypt-proxy"
+
+          def app = docker.build("${imageName}:${gitCommit}")
+          docker.withRegistry("https://${registryHost}", "registry-terrible-network") {
+            app.push("latest")
+          }
+        }
+      }
+    }
+  }
+}
--- a/cloaking-rules.txt
+++ b/cloaking-rules.txt
--- a/dnscrypt-proxy.toml
+++ b/dnscrypt-proxy.toml
@ -0,0 +1,53 @@
+server_names = ['cloudflare']
+listen_addresses = ['0.0.0.0:53']
+max_clients = 250
+ipv4_servers = true
+ipv6_servers = false
+dnscrypt_servers = false
+doh_servers = true
+force_tcp = false
+timeout = 5000
+keepalive = 60
+blocked_query_response = 'hinfo'
+lb_strategy = 'ph'
+log_level = 2
+log_file = '/dev/stdout'
+use_syslog = false
+cert_refresh_delay = 240
+# DoH: Disable TLS session tickets - increases privacy but also latency
+tls_disable_session_tickets = false
+fallback_resolvers = ['1.1.1.1:53', '9.9.9.9:53', '8.8.8.8:53']
+ignore_system_dns = true
+netprobe_timeout = 60
+netprobe_address = '8.8.8.8:53'
+offline_mode = false
+log_files_max_size = 0
+log_files_max_age = 0
+log_files_max_backups = 0
+block_ipv6 = true
+block_unqualified = true
+block_undelegated = true
+reject_ttl = 600
+forwarding_rules = '/data/forwarding-rules.txt'
+cloaking_rules = '/data/cloaking-rules.txt'
+cloak_ttl = 60
+cache = true
+cache_size = 16384
+cache_min_ttl = 2400
+cache_max_ttl = 86400
+cache_neg_min_ttl = 60
+cache_neg_max_ttl = 600
+[local_doh]
+[query_log]
+[nx_log]
+[schedules]
+[sources]
+  [sources.'public-resolvers']
+  urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md']
+  cache_file = 'public-resolvers.md'
+  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+  prefix = ''
+[broken_implementations]
+fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familyshield-ipv6', 'cleanbrowsing-adult', 'cleanbrowsing-family-ipv6', 'cleanbrowsing-family', 'cleanbrowsing-security']
+[anonymized_dns]
+[static]
--- a/forwarding-rules.txt
+++ b/forwarding-rules.txt