dotfiles/config/dnscrypt-proxy.toml

72 lines
2.4 KiB
TOML
Raw Normal View History

# https://github.com/drduh/config/blob/master/dnscrypt-proxy.toml
# https://github.com/jedisct1/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml
#user_name = '_dnscrypt-proxy'
#server_names = ['quad9']
#server_names = ['abc']
listen_addresses = ['127.0.0.1:4200']
max_clients = 250
ipv4_servers = true
ipv6_servers = false
block_ipv6 = true
block_unqualified = true
block_undelegated = true
reject_ttl = 3600
force_tcp = false
timeout = 4000
keepalive = 60
cert_refresh_delay = 240
dnscrypt_ephemeral_keys = true
tls_disable_session_tickets = true
tls_cipher_suite = [52393] # TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
fallback_resolvers = ['9.9.9.9:53', '8.8.8.8:53']
ignore_system_dns = false
netprobe_timeout = 30
cache = true
cache_size = 4096
cache_min_ttl = 600
cache_max_ttl = 86400
cache_neg_min_ttl = 60
cache_neg_max_ttl = 600
forwarding_rules = 'forwarding-rules.txt'
log_level = 2
log_file = 'dnscrypt.log'
log_files_max_size = 10
log_files_max_age = 7
log_files_max_backups = 1
[query_log]
file = 'query.log'
[nx_log]
file = 'nx.log'
[blocked_names]
blocked_names_file = 'blocklist.txt'
log_file = 'blocked.log'
[blocked_ips]
blocked_ips_file = 'ip-blocklist.txt'
log_file = 'ip-blocked.log'
#[allowed_names]
# allowed_names_file = 'allowed.txt'
# log_file = 'allowed-names.log'
#[sources]
# [sources.'public-resolvers']
# urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
# cache_file = 'public-resolvers.md'
# minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
# prefix = ''
# [sources.'relays']
# urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/relays.md',
# 'https://download.dnscrypt.info/resolvers-list/v2/relays.md']
# cache_file = 'relays.md'
# minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
# refresh_delay = 72
# prefix = ''
# [sources.quad9-resolvers]
# urls = ['https://www.quad9.net/quad9-resolvers.md']
# minisign_key = 'RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN'
# cache_file = 'quad9-resolvers.md'
# prefix = 'quad9-'
#[static]
# [static.'quad9']
# stamp = 'sdns://AQMAAAAAAAAAEjE0OS4xMTIuMTEyLjk6ODQ0MyBnyEe4yHWM0SAkVUO-dWdG3zTfHYTAC4xHA2jfgh2GPhkyLmRuc2NyeXB0LWNlcnQucXVhZDkubmV0'
# [static.'abc']
# stamp = 'sdns://AAAAA...'