安装 Go 语言

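# Install the Go toolchain under /usr/local/go.
# The archive is unpacked as root into a system path, so it is checked against
# the SHA-256 published on the Go downloads page for this exact file before
# extraction. The value below is a placeholder: the check fails, and nothing
# is unpacked, until it is replaced with the published digest.
# NOTE(review): go1.16.6 is an old release; prefer a currently supported Go
# version (and its matching digest) when following these steps today.
GO_TARBALL_SHA256='REPLACE_WITH_PUBLISHED_SHA256_OF_go1.16.6.linux-amd64.tar.gz'
(
  # Subshell: the directory change stays local, and set -e stops at the first
  # failed step instead of continuing in the wrong directory.
  set -e
  cd /usr/local
  # Remove the downloaded archive on every exit path, verified or not.
  trap 'rm -f go.tar.gz' EXIT
  wget -O go.tar.gz https://dl.google.com/go/go1.16.6.linux-amd64.tar.gz
  printf '%s  %s\n' "$GO_TARBALL_SHA256" go.tar.gz | sha256sum -c -
  tar xf go.tar.gz
)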

安装 dns-over-https 软件

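# Build doh-server from source and install the binary to /usr/bin.
# The Go toolchain unpacked under /usr/local/go goes first on PATH for the build.
export PATH="/usr/local/go/bin:$PATH"

# NOTE(review): the clone takes whatever is on the default branch at that
# moment, and the resulting binary is installed system-wide. Consider checking
# out a tag or commit you have reviewed before running make.
(
  # Subshell + set -e: a failed clone or build aborts here, so a missing or
  # stale file is never copied to /usr/bin and the caller's directory is kept.
  set -e
  cd ~
  rm -fr dns-over-https
  git clone https://github.com/m13253/dns-over-https --depth 1
  cd dns-over-https
  make doh-server
  # install sets an explicit mode and replaces the target rather than writing
  # into an existing file.
  install -m 0755 doh-server/doh-server /usr/bin/doh-server
)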

配置 dns-over-https 软件

# Write the doh-server configuration to /etc/doh-server.conf.
# - listen: the daemon binds loopback only (127.0.0.1:8053). cert and key are
#   empty, so TLS is presumably terminated by the front-end proxy - TODO confirm.
# - upstream: queries are forwarded to the listed public resolvers as plain
#   UDP on port 53, i.e. unencrypted between this host and the resolver.
# - log_guessed_client_ip = true: NOTE(review): presumably writes a client
#   address derived from proxy-supplied headers to the log; confirm which
#   headers are trusted and how long logs are kept.
# The heredoc delimiter is unquoted, so a $ or backtick added to the body later
# would be expanded by the shell before the file is written.
cat > /etc/doh-server.conf << EOF
listen = [
    "127.0.0.1:8053"
]

local_addr = ""
cert = ""
key = ""
path = "/dns-query"

upstream = [
    "udp:1.1.1.1:53",
    "udp:1.0.0.1:53",
    "udp:8.8.8.8:53",
    "udp:8.8.4.4:53"
]

timeout = 10
tries = 3
verbose = false

log_guessed_client_ip = true
ecs_allow_non_global_ip = false
ecs_use_precise_ip = false
EOF

配置 dns-over-https 服务

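# Install the systemd unit for doh-server.
# Without a User= setting the daemon would run as root while parsing requests
# that come from the network. It is started on an unprivileged loopback port
# (see /etc/doh-server.conf), so it is given a throwaway account and a
# read-only view of the system instead.
# /etc/doh-server.conf must stay readable by non-root users for this to start.
# The delimiter is quoted so nothing in the unit body is expanded by the shell.
cat > /etc/systemd/system/doh-server.service << 'EOF'
[Unit]
Description=DNS over HTTPS
After=network.target

[Service]
Type=simple
LimitNOFILE=infinity
ExecStart=/usr/bin/doh-server -conf /etc/doh-server.conf
Restart=always
RestartSec=10
# Least privilege: transient unprivileged user, no privilege gain, no write
# access to the host filesystem, no access to home directories or devices.
DynamicUser=yes
NoNewPrivileges=true
ProtectSystem=strict
ProtectHome=true
PrivateTmp=true
PrivateDevices=true

[Install]
WantedBy=multi-user.target
EOF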

配置 Nginx 转发

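# Reverse-proxy the DoH endpoint to the doh-server instance on loopback.
# The backend hop is plain HTTP, so this location is meant for the server
# block that terminates TLS for the public hostname.
location /dns-query {
    # Replace any client-sent X-Real-IP with the peer address nginx observed.
    proxy_set_header X-Real-IP $remote_addr;
    # nginx passes other client-supplied request headers through unchanged.
    # doh-server is configured with log_guessed_client_ip = true, so pin
    # X-Forwarded-For as well; a backend that consults it (verify against the
    # doh-server version in use) then only sees the address nginx observed.
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass http://127.0.0.1:8053;
}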

启动服务

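# Load the new unit file, enable the service at boot, then (re)start it so the
# current unit and configuration are in effect. The steps are chained so a
# failed reload or enable is not followed by a restart of a stale definition;
# restart also starts the service when it is not running yet.
systemctl daemon-reload &&
  systemctl enable doh-server &&
  systemctl restart doh-server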

测试

# Smoke test through the public HTTPS endpoint; your_website_url stands for the
# site's own hostname. --fail makes curl exit non-zero on an HTTP error status.
curl --fail --silent --show-error --location "https://your_website_url/dns-query?name=www.google.com"

一些清理工作

# Remove the Go toolchain (only needed for the build).
rm -rf -- /usr/local/go

# Remove the dns-over-https source checkout.
rm -rf -- ~/dns-over-https
最后修改:2021 年 07 月 16 日 01 : 54 AM