I would prefer using DNS over HTTPS (DoH) to increase privacy and security. Mozilla Firefox was the first web browser to implement DoH, and many other browsers have followed. But how can I use DoH for non-browser DNS requests, or enable DoH on each device that connects to my home network?
Pi-hole has a document on configuring DNS-over-HTTPS. To automate installing and configuring cloudflared on a Raspberry Pi running Raspbian, I created a bash script. I also added steps to lock down the cloudflared account.
Here is how to set up cloudflared DoH using the script.
- Make sure the Pi-hole is set up on your Raspberry Pi. See my post “Set up Pi-hole on a Raspberry Pi”.
- Download the script from my GitHub to your Raspberry Pi
  - `curl -O https://raw.githubusercontent.com/sfitpro/pi-hole/master/setup.cloudflared.doh.for.pi-hole.sh`
- Grant execute permission to the script
  - `chmod +x setup.cloudflared.doh.for.pi-hole.sh`
- Run the script
  - `sudo ./setup.cloudflared.doh.for.pi-hole.sh`
- Configure the Pi-hole to use custom Upstream DNS server 127.0.0.1#5053
If all the setup is correct, you will notice the DNS queries on Pi-hole are answered by localhost.
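
A post-install check for the setup above, added here as an example (it is not part of the author's script): it confirms that the port 5053 listener is bound to loopback only, that the service account cannot log in, and that the proxy answers a query. The account name `cloudflared` and the meaning of "locked down" (non-login shell, locked password) are assumptions, and `dig` must be installed.

```sh
#!/bin/sh
# Added example, not the author's script. Assumed: account name "cloudflared",
# and "locked down" = non-login shell + locked password. Sample inputs for the
# helper functions can be fed by hand; main() runs them against the live system.

# Reads `ss -ltun` output on stdin. Succeeds only if port 5053 has at least one
# listener and every listener is bound to loopback (not 0.0.0.0, * or [::]).
loopback_only() {
  awk '{ for (i = 1; i <= NF; i++) if ($i ~ /:5053$/) {
           found = 1
           addr = $i; sub(/:5053$/, "", addr)
           if (addr != "127.0.0.1" && addr != "[::1]") bad = 1 } }
       END { exit !(found && !bad) }'
}

# $1 = passwd entry (getent passwd). Succeeds if the shell is nologin or false.
nologin_shell() {
  case "${1##*:}" in
    */nologin|*/false) return 0 ;;
    *) return 1 ;;
  esac
}

# $1 = shadow entry (getent shadow). Succeeds if the hash field starts with
# "!" or "*", which means no password can ever match.
password_locked() {
  case "$(printf '%s' "$1" | cut -d: -f2)" in
    '!'*|'*'*) return 0 ;;
    *) return 1 ;;
  esac
}

report() { if [ "$1" -eq 0 ]; then echo "OK   $2"; else echo "FAIL $2"; fi; }

main() {
  ss -ltun | loopback_only
  report $? "port 5053 is listening on loopback only"
  nologin_shell "$(getent passwd cloudflared)"
  report $? "cloudflared account has a non-login shell"
  password_locked "$(sudo getent shadow cloudflared)"
  report $? "cloudflared account password is locked"
  [ -n "$(dig +short +time=3 +tries=1 @127.0.0.1 -p 5053 example.com A)" ]
  report $? "proxy on 127.0.0.1#5053 answers queries"
}

# Live checks run only on request: sh check.sh --run
if [ "${1:-}" = "--run" ]; then main; fi
```

A listener on `0.0.0.0:5053` would let any device on the network query the proxy directly and bypass Pi-hole's filtering, which is why the first check fails on anything other than loopback.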