Skip to content

klutchell/dnscrypt-proxy-docker

12 Branches18 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

klutchell-renovate[bot]klutchell-renovate[bot]
Merge pull request #539 from klutchell/renovate/product-os-flowzone-1…
Mar 24, 2025
1dc325c · Mar 24, 2025

History

1,094 Commits
.github
.github
Mar 24, 2025
dnsprobe
dnsprobe
Apr 2, 2023
.pre-commit-config.yaml
.pre-commit-config.yaml
Oct 2, 2024
Dockerfile
Dockerfile
Mar 10, 2025
LICENSE
LICENSE
Feb 25, 2019
README.md
README.md
Oct 2, 2024
dnscrypt-proxy.toml
dnscrypt-proxy.toml
Aug 2, 2022
docker-bake.hcl
docker-bake.hcl
Dec 8, 2022
docker-compose.test.yml
docker-compose.test.yml
Feb 17, 2025
docker-compose.yml
docker-compose.yml
Nov 23, 2022

Repository files navigation

dnscrypt-proxy multiarch docker image

Docker Pulls Docker Stars

dnscrypt-proxy is a flexible DNS proxy, with support for encrypted DNS protocols.

Architectures

The architectures supported by this image are:

  • linux/amd64
  • linux/arm64
  • linux/arm/v7
  • linux/arm/v6

Simply pulling klutchell/dnscrypt-proxy should retrieve the correct image for your arch.

Build

# enable docker buildkit and experimental mode
export DOCKER_BUILDKIT=1
export DOCKER_CLI_EXPERIMENTAL=enabled

# build local image for native platform
docker build . --tag klutchell/dnscrypt-proxy

# cross-build for another platform
docker build . --tag klutchell/dnscrypt-proxy --platform linux/arm/v7

Test

# run DNS lookup on local image
docker run --rm -d --name dnscrypt klutchell/dnscrypt-proxy
docker run --rm -it --link dnscrypt uzyexe/drill -p 5053 dnscrypt.info @dnscrypt
docker stop dnscrypt

Usage

Official project wiki: https://github.com/DNSCrypt/dnscrypt-proxy/wiki

# print version info
docker run --rm klutchell/dnscrypt-proxy --version

# print general usage
docker run --rm klutchell/dnscrypt-proxy --help

# run dnscrypt proxy server on host port 53
docker run -p 53:5053/tcp -p 53:5053/udp klutchell/dnscrypt-proxy

# run dnscrypt proxy server with configuration mounted from a host directory
# note that the files in the configuration directory '/path/to/config' must be
# readable by world, or owned by nobody:nogroup, and the directory itself must be
# writeable by world, or owned by nobody:nogroup
docker run -p 53:5053/udp -v /path/to/config:/config klutchell/dnscrypt-proxy

Probes

This image includes a small DNS client called dnsprobe that can be used to set up health probes. dnsprobe is located in /usr/local/bin/dnsprobe.

This binary can be used as a probe to tell orchestration systems whether dnscrypt-proxy is ready to serve queries, or otherwise healthy. For example, in Kubernetes environments, liveness and readiness probes could be defined as follows:

readinessProbe:
  timeoutSeconds: 1
  failureThreshold: 1
  periodSeconds: 5
  exec:
    command:
      - /usr/local/bin/dnsprobe
      - google.com
      - 127.0.0.1:5053
livenessProbe:
  timeoutSeconds: 3
  failureThreshold: 3
  periodSeconds: 5
  initialDelaySeconds: 30
  exec:
    command:
      - /usr/local/bin/dnsprobe
      - google.com
      - 127.0.0.1:5053

dnsprobe asks the nameserver supplied in the second argument to resolve the name supplied as the first argument. It will exit with non-zero code if:

  • Any network error occurs, or the response times out after 5 seconds
  • The DNS server returns an error (e.g. NXDOMAIN)
  • The DNS server returns an empty list of records

Author

Kyle Harding https://klutchell.dev

Buy me a beer

Contributing

Please open an issue or submit a pull request with any features, fixes, or changes.

Acknowledgments

Original software is by the DNSCrypt project: https://dnscrypt.info/

About

dnscrypt-proxy multiarch docker image

dnscrypt.info

Topics

dnscrypt-proxy

Resources

Readme

License

MIT license
Activity

Stars

102 stars

Watchers

5 watching

Forks

20 forks
Report repository

Releases

18 tags

Packages 1

Contributors 11

Languages