encrypted-dns-server/encrypted-dns.toml

####################################################
#                                                  #
#        Encrypted DNS Server configuration        #
#                                                  #
####################################################


##################################
#         Global settings        #
##################################


## IP addresses and ports to listen to

listen_addrs = ["127.0.0.1:4443", "[::1]:4443"]


## IP address to connect to upstream servers from

external_addr = "0.0.0.0"


## File name to save the state to

state_file = "encrypted-dns.state"


## Upstream DNS server and port

upstream_addr = "9.9.9.9:53"


## UDP timeout in seconds

udp_timeout = 10


## TCP timeout in seconds

tcp_timeout = 10


## Maximum active UDP sockets

udp_max_active_connections = 1000


## Maximum active TCP connections

tcp_max_active_connections = 100


## User name to drop privileges to, when started as root.

# user = "nobody"


## Group name to drop privileges to, when started as root.

# group = "nobody"


## Path to chroot() to, when started as root.

# chroot = "/tmp"


####################################
#         DNSCrypt settings        #
####################################

[dnscrypt]

## Provider name (with or without the `2.dnscrypt-cert.` prefix)

provider_name = "secure.dns.test"


## Key cache capacity, per certificate

key_cache_capacity = 10000


###############################
#         TLS settings        #
###############################

[tls]

## Where to prooxy TLS connections to (e.g. DoH server)

# upstream_addr = "127.0.0.1:4343"
Move to TOML (1) 2019-09-19 10:09:00 +00:00			`####################################################`
			`# #`
			`# Encrypted DNS Server configuration #`
			`# #`
			`####################################################`


			`##################################`
			`# Global settings #`
			`##################################`


			`## IP addresses and ports to listen to`

Drop privileges 2019-09-19 10:57:24 +00:00			`listen_addrs = ["127.0.0.1:4443", "[::1]:4443"]`
Move to TOML (1) 2019-09-19 10:09:00 +00:00

			`## IP address to connect to upstream servers from`

			`external_addr = "0.0.0.0"`


			`## File name to save the state to`

			`state_file = "encrypted-dns.state"`


			`## Upstream DNS server and port`

			`upstream_addr = "9.9.9.9:53"`


			`## UDP timeout in seconds`

			`udp_timeout = 10`


			`## TCP timeout in seconds`

			`tcp_timeout = 10`


			`## Maximum active UDP sockets`

			`udp_max_active_connections = 1000`


			`## Maximum active TCP connections`

			`tcp_max_active_connections = 100`


Drop privileges 2019-09-19 10:57:24 +00:00			`## User name to drop privileges to, when started as root.`

			`# user = "nobody"`


			`## Group name to drop privileges to, when started as root.`

			`# group = "nobody"`


			`## Path to chroot() to, when started as root.`

			`# chroot = "/tmp"`


Move to TOML (1) 2019-09-19 10:09:00 +00:00
			`####################################`
			`# DNSCrypt settings #`
			`####################################`

			`[dnscrypt]`

Import from dnscrypt-wrapper 2019-09-20 09:25:24 +00:00			## Provider name (with or without the `2.dnscrypt-cert.` prefix)
Move to TOML (1) 2019-09-19 10:09:00 +00:00
			`provider_name = "secure.dns.test"`


ADd a key cache and improve logging 2019-09-20 08:39:42 +00:00			`## Key cache capacity, per certificate`

			`key_cache_capacity = 10000`


Move to TOML (1) 2019-09-19 10:09:00 +00:00
			`###############################`
			`# TLS settings #`
			`###############################`

			`[tls]`

			`## Where to prooxy TLS connections to (e.g. DoH server)`

Drop privileges 2019-09-19 10:57:24 +00:00			`# upstream_addr = "127.0.0.1:4343"`