DNS over HTTPS over PiHole
DNS over HTTPS over PiHole for Raspbian. This is for a https://github.com/pi-hole.
This has been pulled from https://docs.pi-hole.net/guides/dns-over-https/ and modified so that it can be run as a single script.
Before running the script it’s recommended to run sudo -v may be needed to run to cache the password, depending on how your Pi is setup.
https://github.com/vanderblugen/PiDOH/blob/master/main.sh
You still have to update the PiHole per the image below.
Here we are downloading the precompiled binary and copying it to the /usr/local/bin/ directory to allow execution by the cloudflared user.
wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-arm.tgztar -xvzf cloudflared-stable-linux-arm.tgzsudo cp ./cloudflared /usr/local/binsudo chmod +x /usr/local/bin/cloudflaredcloudflared -v
Create a cloudflared user to run the daemon
sudo useradd -s /usr/sbin/nologin -r -M cloudflared
Proceed to create a configuration file for cloudflared by copying the following in to /etc/default/cloudflared.
This file contains the command-line options that get passed to cloudflared on startup
echo "# Commandline args for cloudflaredCLOUDFLARED_OPTS=--port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query" | sudo tee -a /etc/default/a.txt > /dev/null
Create the systemd script in to /etc/systemd/system/cloudflared.service
This controls the running of the service and allow it to run on startup
echo "[Unit]Description=cloudflared DNS over HTTPS proxyAfter=syslog.target network-online.target[Service]Type=simpleUser=cloudflaredEnvironmentFile=/etc/default/cloudflaredExecStart=/usr/local/bin/cloudflared proxy-dns $CLOUDFLARED_OPTSRestart=on-failureRestartSec=10KillMode=process[Install]WantedBy=multi-user.target" | sudo tee -a /etc/systemd/system/alpha > /dev/null
Enable the systemd service to run on startup
sudo systemctl enable cloudflaredsudo systemctl start cloudflared
