summaryrefslogtreecommitdiff
path: root/network/dnscrypt-proxy/dnscrypt-proxy.default
diff options
context:
space:
mode:
Diffstat (limited to 'network/dnscrypt-proxy/dnscrypt-proxy.default')
-rw-r--r--network/dnscrypt-proxy/dnscrypt-proxy.default72
1 files changed, 72 insertions, 0 deletions
diff --git a/network/dnscrypt-proxy/dnscrypt-proxy.default b/network/dnscrypt-proxy/dnscrypt-proxy.default
new file mode 100644
index 0000000000..b1b70406be
--- /dev/null
+++ b/network/dnscrypt-proxy/dnscrypt-proxy.default
@@ -0,0 +1,72 @@
+# /etc/default/dnscrypt-proxy
+
+# This file contains the configuration settings for dnscrypt-proxy. This file
+# supports configuring and running multiple instances (see the bottom of this
+# file for a sample secondary configuration).
+
+# CHROOTDIR should be the same path as the USER's home directory.
+# For the standard dnscrypt user this should be "/run/dnscrypt". For nobody,
+# this should be "/".
+CHROOTDIR[0]="/run/dnscrypt"
+#CHROOTDIR[0]="/"
+
+# The local address and (optional) port to listen on. The default port is 53.
+LOCALADDRESS[0]="127.0.0.1:53"
+
+# The pid file for this instance. PIDFILE must always be specified for each
+# instance!
+PIDFILE[0]="/var/run/dnscrypt-proxy/dnscrypt-proxy-0.pid"
+
+# Runs the daemon as the following user and chroots to that user's home
+# directory (this is a security feature -- it is best not to change this!)
+USER[0]="dnscrypt"
+#USER[0]="nobody"
+
+# If RESOLVERNAME is set, then RESOLVERADDRESS, PROVIDERNAME, and
+# PROVIDERKEY will be ignored. RESOLVERNAME should be the name of a resolver
+# from RESOLVERSLIST (the first column).
+RESOLVERNAME[0]="opendns"
+
+# Specify the location of the resolver list, used if RESOLVERNAME is set.
+RESOLVERSLIST[0]="/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv"
+
+# If RESOLVERNAME is unset, RESOLVERADDRESS, PROVIDERNAME and PROVIDERKEY are
+# the settings of the remote DNSCrypt provider.
+#RESOLVERADDRESS[0]="208.67.220.220:443"
+#PROVIDERNAME[0]="2.dnscrypt-cert.opendns.com"
+#PROVIDERKEY[0]="B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79"
+
+# Transparently add an OPT pseudo-RR to outgoing queries in order to enable
+# the EDNS0 extension mechanism. The payload size is the size of the largest
+# response we accept from the resolver before retrying over TCP. This feature
+# is enabled by default, with a payload size of 1252 bytes. Any value below
+# 512 disables it.
+#EDNSPAYLOADSIZE[0]="1252"
+
+# Set the maximum number of simultaneous active requests (default 250).
+#MAXACTIVEREQUESTS[0]="250"
+
+# Use TCP instead of UDP. This is slower than UDP, and this workaround should
+# never be used except when bypassing a filter is actually required. Moreover,
+# multiple queries over a single TCP connection aren't supported yet.
+# Don't use this unless you have to. Defaults to off ("no").
+#TCPONLY[0]="no"
+
+# Load the following plugins. None are loaded by default. See
+# /usr/doc/dnscrypt-proxy-@VERSION@/README-PLUGINS.markdown for more
+# information.
+#PLUGINS[0]="libdcplugin_example,--ips=/etc/blk-ips,--domains=/etc/blk-names \
+#libdcplugin_example_logging,/var/log/dns.log"
+
+# Where and what to log. The default LOGLEVEL is LOG_INFO.
+#LOGLEVEL[0]="LOG_INFO"
+LOGFILE[0]="/var/log/dnscrypt-proxy/dnscrypt-proxy.log"
+
+# A simple example configuration for a second instance
+#CHROOTDIR[1]="/run/dnscrypt"
+#LOCALADDRESS[1]="127.0.0.2:53"
+#PIDFILE[1]="/var/run/dnscrypt-proxy/dnscrypt-proxy-1.pid"
+#USER[1]="dnscrypt"
+#RESOLVERNAME[1]="cloudns-can"
+#RESOLVERSLIST[1]="/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv"
+#LOGFILE[1]="/var/log/dnscrypt-proxy/dnscrypt-proxy-1.log"