LI Nick X.com
Blog |Follow Nick on Mastodon| About
 

I have published a Home Assistant Addon for DNSCrypt Proxy.

TLDR:

  1. In the HA Addon-store add my repository 👉🏻 https://github.com/linickx/ha-addons
  2. Install DNSCrypt Proxy (and Start the addon)
  3. Edit /addon_configs/ba53f40c-dnscrypt-proxy/dnscrypt-proxy.toml to suit your needs (restart addon to take effect)
  4. Profit?!

What is DNSCrypt Proxy?

By default DNS traffic (TCP & UDP 53) is not encrypted, i.e. visible to snoopers; not all devices, especially IoT devices support modern encrypted DNS protocols like DoH or DoT so DNSCrypt Proxy is a way of securing DNS for those devices -- they send clear text DNS to the proxy, it encrypts the traffic up to your chosen DNS provider.

Why DNSCrypt Proxy?

This is choice depending on your security preferences/requirements, do you need or want encrypted DNS? Generally encrypting as much of your traffic as you can is a good thing, but if you don't agree that's ok:

How to install DNSCrypt Proxy.

DNSCrypt Proxy is presented as an addon, which are Home Assistant containers, get 3rd party addons you first have to setup a repository,

Step 1 - My Addon Repository

Within Home Assistant, perform the following:

  1. Settings -> Add-ons -> ADD-ON STORE
  2. In the top right 3x Dots, select Repositories
  3. Add https://github.com/linickx/ha-addons

... Using the same top right 3x Dots, click check for updates. It also doesn't hurt to refresh your browser.

Step 2 - Install

With a little luck, now in Home Assistant under Settings -> Add-ons -> ADD-ON STORE, if you scroll to the bottom you should see this:

✨ Click it! ✨

Then, click Install, and once it's installed, click Start.

How to configure DNSCrypt Proxy.

DNSCrypt configuration is a .toml file; the easiest way to edit it in Home Assistant is with the VSCode Add-on, if your a terminal ninja use Vi in SSH.

Edit 👉🏻 /addon_configs/ba53f40c-dnscrypt-proxy/dnscrypt-proxy.toml

File Path Warning!

The DNSCrypt proxy runs as a container, the path you edit (from VSCode/SSH) is different to what the container sees, i.e.

/addon_configs/ba53f40c-dnscrypt-proxy/dnscrypt-proxy.toml == /config/dnscrypt-proxy.toml

So, if you need to include any external files, such as blocklists the use the later container path of /config/

/Done!

 

 
Nick Bettison ©