From c55108d7da7afdf59a3080821a73115d4c9e47f2 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Mon, 20 Apr 2020 16:44:40 +0200 Subject: [PATCH] Update encrypted-dns-server --- Dockerfile | 2 +- encrypted-dns.toml.in | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index e2cf7a5..8b274f7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -37,7 +37,7 @@ ENV RUSTFLAGS "-C link-arg=-s" RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS && \ curl -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain stable && \ export PATH="$HOME/.cargo/bin:$PATH" && \ - echo "Compiling encrypted-dns version 0.3.14" && \ + echo "Compiling encrypted-dns version 0.3.17" && \ cargo install encrypted-dns && \ mkdir -p /opt/encrypted-dns/sbin && \ mv ~/.cargo/bin/encrypted-dns /opt/encrypted-dns/sbin/ && \ diff --git a/encrypted-dns.toml.in b/encrypted-dns.toml.in index 7b83338..acb877d 100644 --- a/encrypted-dns.toml.in +++ b/encrypted-dns.toml.in @@ -114,6 +114,11 @@ group = "_encrypted-dns" # chroot = "/var/empty" +## Queries sent to that name will return the client IP address. +## This can be very useful for debugging, or to check that relaying works. + +my_ip = "my.ip" + #################################### # DNSCrypt settings # @@ -223,3 +228,23 @@ allow_non_reserved_ports = false # Blacklisted upstream IP addresses blacklisted_ips = [ @ANONDNS_BLACKLISTED_IPS@ ] + + + + +################################ +# Access control # +################################ + +[access_control] + +# Enable access control + +enabled = false + +# Only allow access to client queries including one of these random tokens +# Tokens can be configured in the `query_meta` section of `dnscrypt-proxy` as +# `query_meta = ["token:..."]` -- Replace ... with the token to use by the client. +# Example: `query_meta = ["token:Y2oHkDJNHz"]` + +tokens = ["Y2oHkDJNHz", "G5zY3J5cHQtY", "C5zZWN1cmUuZG5z"]