-
Notifications
You must be signed in to change notification settings - Fork 1k
Installation on Alpine Linux
dnscrypt-proxy is in the 'community' repository which needs to be enabled in /etc/apk/respositories
by removing the comment #
on the appropriate line e.g.
# main and community enabled, testing disabled on the 'edge' branch
http://alpine.mirror.wearetriple.com/edge/main
http://alpine.mirror.wearetriple.com/edge/community
#http://alpine.mirror.wearetriple.com/edge/testing
If you're not running on 'edge' then you might see the version numbers instead
# main and community enabled, testing disabled on the 'V3.9' branch
http://alpine.mirror.wearetriple.com/V3.9/main
http://alpine.mirror.wearetriple.com/V3.9/community
#http://alpine.mirror.wearetriple.com/V3.9/testing
Alpine Linux maintain their own packages for dnscrypt-proxy, and the openrc package for managing the service.
Installation:
apk update && apk add dnscrypt-proxy dnscrypt-proxy-openrc
To start at boot, use
rc-update add dnscrypt-proxy default
Then to start the service immediately...
rc-service dnscrypt-proxy start
or
/etc/init.d/dnscrypt-proxy start
Configuration of the /etc/dnscrypt-proxy/dnscrypt-proxy.toml
file is discussed elsewhere on this wiki.
There are also some examples on https://wiki.alpinelinux.org/wiki/DNSCrypt-Proxy.
Example configuration files are stored in /usr/share/dnscrypt-proxy
.
When upgrading the package, a new file /etc/dnscrypt-proxy/dnscrypt-proxy.toml.apk-new
will be created.
The original configuration file remains, and the new default configuration file gets this apk-new
extension.
Be aware that new configuration properties (if available) will be in the apk-new
file, since an edited configuration file can not be automatically updated.
To see the differences, use the diff
command:
diff /etc/dnscrypt-proxy/dnscrypt-proxy.toml /etc/dnscrypt-proxy/dnscrypt-proxy.toml.apk-new
In somecases if you want to run dnscrypt-proxy as a non-root user you'll get the error "[FATAL] listen udp 0.0.0.0:53: bind: permission denied"
to solve this problem you can run the following command and allow dnscrypt to have access to a low level port :
sudo setcap cap_net_bind_service=+ep $(which dnscrypt-proxy)
- Home
- Installation
- Configuration
- Checking that your DNS traffic is encrypted
- Automatic Updates
- Server sources
- Combining blocklists
- Public Blocklist and other configuration files
- Building from source
- Run your own DNSCrypt server in under 10 minutes
- DNS stamps specifications
- Windows Tips
- dnscrypt-proxy in the media
- Planned Features