So I very recently blogged about using Pi-hole with dnscrypt-proxy. Where I was aiming for was Pi-hole to talk to dnscrypt-proxy which in turn would talk to NextDNS (via DNS over TLS). I couldn't find a way to do this, so instead resorted to Stubby.
Stubby
Installation was pretty simple:
- Install stubby via apt:
sudo apt intall stubby - Edit the file /etc/stubby/stubby.ytml
- Under the listen_addresses section change it to:
listen_addresses:
- address_data: 127.0.0.1
port: 5353
- address_data: 0::1
port: 5353
- Change
round_robin_upstreams: 1to becomeround_robin_upstreams: 0 - Change the upstream_recursive_servers section to be what is shown in your account under NextDNS. This is available under the Setup tab, and select Linux and then look for the Stubby section.
- Restart stubby:
sudo systemctl restart stubby - Setup/install Pi-hole
- In your Pi-hole instance, change your upstream DNS become 127.0.0.1#5353
- Test you configuration:
dig @<pi-hole_ip> www.google.com(where <pi-hole_ip> is the IP address of your Pi-hole server).
