dns-setup

for more info on what this is, check here. i suggest using either unbound or stubby. as DOT is the most secure method, i have no plans on introducing plaintext DNS (port 53) or DNS over HTTPS (port 443).
Feedback or questions, please let me know!

example unbound config:

server:
  tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
forward-zone:
  name: ".",
  forward-addr: [email protected]
  forward-addr: [email protected]
  forward-addr: [email protected]

example stubby config:

upstream_recursive_servers:
- address_data: 104.244.72.77
    tls_port: 853
    tls_auth_name: "t1.leech.ie"
- address_data: 199.195.249.193
    tls_port: 853
    tls_auth_name: "t2.leech.ie"
- address_data: 209.141.45.244
    tls_port: 853
    tls_auth_name: "t3.leech.ie"

version: cef310c, 2020-09-02
leech.ie | faq | contact - pgp