DNSCrypt

From NixOS Wiki
Revision as of 17:27, 21 August 2017 by imported>Makefu (import from nixos-users)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Usually DNS is not encrypted and unauthenticated by default. Some countries or provider may change the result of domain resolution.

Enable DNSCrypt

The following snippet will enable DNSCrypt and set it as the default system resolver. 

{ # configuration.nix
  services.dnscrypt-proxy = {
    enable = true;
    # the official default resolver is unreliable from time to time
    # either use a different, trust-worthy one from here:
    #   https://github.com/jedisct1/dnscrypt-proxy/blob/master/dnscrypt-resolvers.csv 
    # or setup your own.
    #resolverName = "cs-de";
  };
  networking.nameservers = ["127.0.0.1"];
}
Retrieved from "https://wiki.nixos.org/w/index.php?title=DNSCrypt&oldid=1766"