Skip to content

Commit

Permalink
fix(dns): use dae to cache DNS queries
Browse files Browse the repository at this point in the history
  • Loading branch information
LEXUGE committed Aug 10, 2024
1 parent 4d6dd49 commit ea91d30
Show file tree
Hide file tree
Showing 4 changed files with 73 additions and 107 deletions.
55 changes: 1 addition & 54 deletions cfgs/deck/networking.nix
Original file line number Diff line number Diff line change
Expand Up @@ -43,59 +43,6 @@
my.dcompass = {
enable = true;
package = pkgs.dcompass.dcompass-maxmind;
settings = {
cache_size = 1024;
upstreams = {
domestic = { hybrid = [ "feic" "ali" "aliudp" ]; };

secure = { hybrid = [ "cloudflare" "quad9" ]; };

feic = { udp = { addr = "[240C::6666]:53"; }; };

aliudp = { udp = { addr = "223.5.5.6:53"; }; };

ali = { tls = { domain = "dns.alidns.com"; max_reuse = 100; reuse_timeout = 5000; addr = "223.6.6.6:853"; }; };

cloudflare = {
https = {
timeout = 4;
# addr = "2606:4700:4700::1111";
addr = "104.16.248.249";
uri = "https://cloudflare-dns.com/dns-query";
};
};

quad9 = {
https = {
timeout = 4;
addr = "9.9.9.9";
uri = "https://dns.quad9.net/dns-query";
};
};
};
script = ''pub async fn init() {
let domain = Domain::new()
// .add_file("${pkgs.chinalist}/google.china.raw.txt")?
// .add_file("${pkgs.chinalist}/apple.china.raw.txt")?
.add_file("${pkgs.chinalist}/accelerated-domains.china.raw.txt")?.seal();
Ok(#{"domain": Utils::Domain(domain)})
}
pub async fn route(upstreams, inited, ctx, query) {
// if query.first_question?.qtype == "AAAA" { return blackhole(query); }
if inited.domain.0.contains(query.first_question?.qname) {
query.push_opt(ClientSubnet::new(u8(15), u8(0), IpAddr::from_str("58.220.0.0")?).to_opt_data())?;
upstreams.send_default("domestic", query).await
} else {
upstreams.send("secure", CacheMode::Persistent, query).await
}
}
'';

address = "127.0.0.1:53";
verbosity = "warn";
};
settings = (import ../../misc/dcompass_settings.nix { inherit pkgs; });
};
}
54 changes: 1 addition & 53 deletions cfgs/x1c7/networking.nix
Original file line number Diff line number Diff line change
Expand Up @@ -36,58 +36,6 @@
my.dcompass = {
enable = true;
package = pkgs.dcompass.dcompass-maxmind;
settings = {
cache_size = 1024;
upstreams = {
domestic = { hybrid = [ "feic" "ali" "aliudp" ]; };

secure = { hybrid = [ "cloudflare" "quad9" ]; };

feic = { udp = { addr = "[240C::6666]:53"; }; };

aliudp = { udp = { addr = "223.5.5.6:53"; }; };

ali = { tls = { domain = "dns.alidns.com"; max_reuse = 100; reuse_timeout = 5000; addr = "223.6.6.6:853"; }; };

cloudflare = {
https = {
timeout = 4;
# addr = "2606:4700:4700::1111";
addr = "104.16.248.249";
uri = "https://cloudflare-dns.com/dns-query";
};
};

quad9 = {
https = {
timeout = 4;
addr = "9.9.9.9";
uri = "https://dns.quad9.net/dns-query";
};
};
};
script = ''pub async fn init() {
let domain = Domain::new()
// .add_file("${pkgs.chinalist}/google.china.raw.txt")?
// .add_file("${pkgs.chinalist}/apple.china.raw.txt")?
.add_file("${pkgs.chinalist}/accelerated-domains.china.raw.txt")?.seal();
Ok(#{"domain": Utils::Domain(domain)})
}
pub async fn route(upstreams, inited, ctx, query) {
// if query.first_question?.qtype == "AAAA" { return blackhole(query); }
if inited.domain.0.contains(query.first_question?.qname) {
query.push_opt(ClientSubnet::new(u8(15), u8(0), IpAddr::from_str("58.220.0.0")?).to_opt_data())?;
upstreams.send_default("domestic", query).await
} else {
upstreams.send("secure", CacheMode::Standard, query).await
}
}
'';
address = "127.0.0.1:53";
verbosity = "warn";
};
settings = (import ../../misc/dcompass_settings.nix { inherit pkgs; });
};
}
71 changes: 71 additions & 0 deletions misc/dcompass_settings.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
{ pkgs }: {
cache_size = 1024;
upstreams = {
domestic = { hybrid = [ "feic" "ali" "aliudp" ]; };

secure = { hybrid = [ "cloudflare" "google" "switch" "a-and-a" ]; };

feic = { udp = { addr = "[240C::6666]:53"; }; };

aliudp = { udp = { addr = "223.5.5.6:53"; }; };

ali = { tls = { domain = "dns.alidns.com"; max_reuse = 100; reuse_timeout = 5000; addr = "223.6.6.6:853"; }; };

cloudflare = {
https = {
timeout = 4;
# addr = "2606:4700:4700::1111";
addr = "104.16.248.249";
uri = "https://cloudflare-dns.com/dns-query";
};
};

google = {
https = {
timeout = 4;
addr = "8.8.8.8";
uri = "https://dns.google/dns-query";
};
};

a-and-a = {
https = {
timeout = 4;
addr = "217.169.20.22";
uri = "https://dns.aa.net.uk/dns-query";
};
};

switch = {
https = {
timeout = 4;
addr = "130.59.31.248";
uri = "https://dns.switch.ch/dns-query";
};
};
};
script = ''pub async fn init() {
let domain = Domain::new()
// .add_file("${pkgs.chinalist}/google.china.raw.txt")?
// .add_file("${pkgs.chinalist}/apple.china.raw.txt")?
.add_file("${pkgs.chinalist}/accelerated-domains.china.raw.txt")?
.add_qname("flibrary.info")?
.seal();
Ok(#{"domain": Utils::Domain(domain)})
}
pub async fn route(upstreams, inited, ctx, query) {
// if query.first_question?.qtype == "AAAA" { return blackhole(query); }
if inited.domain.0.contains(query.first_question?.qname) {
// query.push_opt(ClientSubnet::new(u8(15), u8(0), IpAddr::from_str("58.220.0.0")?).to_opt_data())?;
upstreams.send_default("domestic", query).await
} else {
upstreams.send("secure", CacheMode::Standard, query).await
}
}
'';
address = "127.0.0.1:53";
verbosity = "warn";
}
Binary file modified secrets/dae_config.age
Binary file not shown.

0 comments on commit ea91d30

Please sign in to comment.