Skip to content

Instantly share code, notes, and snippets.

@shrmnk

shrmnk/README.md

Created July 6, 2023 17:55
Show Gist options
  • Save shrmnk/fb2ab1c5270a1c578099c505f71aaee5 to your computer and use it in GitHub Desktop.
Save shrmnk/fb2ab1c5270a1c578099c505f71aaee5 to your computer and use it in GitHub Desktop.
Download ZIP
Setting up Cloudflared DoH client on Ubuntu Server with resolved
Raw
README.md
  1. Install cloudflared
  2. Create /etc/systemd.system/cloudflared-proxy-dns.service with contents:
[Unit]
Description=DNS over HTTPS (DoH) proxy client
Wants=network-online.target nss-lookup.target
Before=nss-lookup.target

[Service]
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
DynamicUser=yes
ExecStart=/usr/bin/cloudflared proxy-dns

[Install]
WantedBy=multi-user.target
  1. Modify /etc/systemd/resolved.conf and set DNS=127.0.0.1
  2. Start the proxy: sudo systemctl start cloudflared-proxy-dns.service
  3. Restart resolved: sudo systemctl restart systemd-resolved.service
  4. Validate resolved is using 127.0.0.1: systemd-resolve --status
  5. Test: dig cloudflare.com AAAA
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment