DNS Resolver Infrastructure Infrastructure Overview acme.sh (TLS certificate generation for haproxy) nsd (OpenNIC) unbound (DNS Resolver) dnscrypt-server (dnscrypt) doh-proxy or m13253-doh haproxy (DNS-over-HTTPS) haproxy (DNS-over-TLS) Getting started Quick start** pacman -S docker docker-composer docker-buildx git clone https://github.com/publicarray/dns-resolver-infra.git && cd dns-resolver-infra # Add Cloudflare cedentials for acme.sh / TLS certificates echo 'CF_TOKEN=xxxx' >> .env echo 'CF_ACCOUNT_ID=xxxx' >> .env echo 'CF_ZONE_ID=xxxx' >> .env ./deploy.sh Docker Compose # Build Images or pull them: docker-compose pull # Add Cloudflare cedentials for acme.sh / TLS certificates echo 'CF_TOKEN=xxxx' >> .env echo 'CF_ACCOUNT_ID=xxxx' >> .env echo 'CF_ZONE_ID=xxxx' >> .env # # Setup CA # docker-compose run acme --register-account -m [email protected] # # or # docker-compose run acme.sh --set-default-ca --server letsencrypt # Launch docker-compose up -d Usage with Docker-Swarm Usage with Kubernetes sysctl sysctl net.ipv4.tcp_congestion_control=bbr Tests npm i --legacy-peer-deps ./lint.sh npm run bats tests ./test.sh