dohli

module
v0.0.0-...-dd4e4d9
Published: Aug 1, 2020 License: MIT

README

     _       _     _ _ 
  __| | ___ | |__ | (_)
 / _` |/ _ \| '_ \| | |
| (_| | (_) | | | | | |
 \__,_|\___/|_| |_|_|_|

Overview

dohli (pronounced do-kh-li) is a simple and easy to deploy DNS-over-HTTPS (DoH) server that blocks ads and malicious sites.

One of the central criticisms of DoH is the centralization of data: the big companies that run the internet-scale DoH servers used by default by applications like web browsers gain unique access to browsing data that spans multiple sites or devices, putting the privacy and security of users at risk.

User-owned DoH servers are a way to solve this problem. They also provide an additional layer of privacy by masking the DoH client address. In addition, DoH servers like dohli that use a random DNS server for each query give each company only a partial view of the user's browsing habits.

Implementation

dohli is written in Go.

It performs the actual resolving work using traditional DNS over UDP.

It uses Redis to cache DNS responses, and as a job queue.

A worker container gets notified each time a new domain name is resolved, then checks whether or not this domain should be blocked, against Steven Black's unified domain blacklist, the Energized Protection domain blacklist and URLHaus.

If so, the domain is blocked by inserting a cache entry that has no expiration time. dohli therefore needs some time for "training", and the client's DNS cache must expire, before ads are blocked.
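The resolve, queue and block cycle described above, as an added sketch that is not dohli's own code: it shows why the first lookup of a blacklisted name still gets a real answer and every later one is blocked. The in-memory map and slice stand in for Redis, and the Server type, the Blocked marker, the fixed upstream answer and the name normalization are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

const Blocked = "BLOCKED" // hypothetical marker for a blocking response

type entry struct {
	answer  string
	expires time.Time // zero value: no expiration, used for block entries
}

// Server models the web process; cache and queue stand in for Redis.
type Server struct {
	cache map[string]entry
	queue []string
}

// Resolve serves from the cache, else resolves, caches with a TTL and queues the name.
func (s *Server) Resolve(name string, now time.Time, ttl time.Duration) string {
	name = strings.ToLower(strings.TrimSuffix(name, ".")) // one key per spelling
	if e, ok := s.cache[name]; ok && (e.expires.IsZero() || now.Before(e.expires)) {
		return e.answer
	}
	s.cache[name] = entry{"192.0.2.1", now.Add(ttl)} // constructed upstream answer
	s.queue = append(s.queue, name)
	return "192.0.2.1"
}

// Work drains the queue and pins blacklisted names with a non-expiring entry.
func (s *Server) Work(blocked map[string]bool) {
	for _, name := range s.queue {
		if blocked[name] {
			s.cache[name] = entry{answer: Blocked}
		}
	}
	s.queue = nil
}

func main() {
	s := &Server{cache: map[string]entry{}}
	t0 := time.Unix(0, 0)
	fmt.Println(s.Resolve("ads.example", t0, time.Minute)) // not blocked yet
	s.Work(map[string]bool{"ads.example": true})           // constructed blacklist
	fmt.Println(s.Resolve("ADS.example.", t0.Add(24*time.Hour), time.Minute))
}
```

The first answer is still held by the client until its own TTL runs out, which is the second half of the "training" delay.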

CI/CD

Every day, dohli's CI/CD pipeline deploys the master branch to https://dohli.herokuapp.com, with an updated domain blacklist.

Usage

First, deploy to Heroku.

Then, append /dns-query to the web URL and configure your DoH client to use this as the DoH server.

For example, DoH clients that use the dohli instance deployed by CI/CD should use https://dohli.herokuapp.com/dns-query.

Deployment from CLI

heroku create -s container --addons heroku-redis
heroku redis:maxmemory $ADDON_NAME --policy allkeys-lru
git push heroku master
heroku ps:scale web=1 worker=1

dohli is free and unencumbered software released under the terms of the MIT license; see COPYING for the license text.

The ASCII art logo at the top was made using FIGlet.

Directories

Path          Synopsis
cmd/stub      stub is a local DNS server that resolves using DoH.
cmd/web       web is a caching DoH server.
cmd/worker    worker monitors for domain access events and blocks domains using the cache.
pkg/cache     Package cache implements DNS response cache.
pkg/dns       Package dns provides utilities for parsing and crafting of DNS packets.
pkg/hosts     Package hosts implements a domain blacklist.
pkg/queue     Package queue implements a task queue.
pkg/urlhaus   Package urlhaus queries host information from URLHaus.
