--- title: 【记录】自建去广告的DoH服务器 urlname: Self-built-ad-blocking-DoH-server date: 2023-10-28 20:56:54 tags: [DoH, adguard] --- ## 进行部署 + [反代服务](/Docker-bu-shu-Nginx-Proxy-Manager) ```bash mkdir -p ~/app/adguard && cd ~/app/adguard && nano docker-compose.yml sudo docker-compose up -d # 面板端口 3000 # /opt/adguardhome/letsencrypt/live/npm-1/fullchain.pem # /opt/adguardhome/letsencrypt/live/npm-1/privkey.pem sed -i 's/allow_unencrypted_doh: false/allow_unencrypted_doh: true/' ./conf/AdGuardHome.yaml && sudo docker-compose restart ``` ```yml version: '3.3' services: adguard: restart: unless-stopped volumes: - './work:/opt/adguardhome/work' - './conf:/opt/adguardhome/conf' - '/root/base/NGPM/letsencrypt:/opt/adguardhome/letsencrypt' - '/etc/localtime:/etc/localtime:ro' image: adguard/adguardhome:latest networks: default: external: true name: ngpm ``` ![](https://img.limour.top/2023/10/28/653d065c29ba1.webp) ## DNS设置 + 导航栏-设置-DNS设置 + DNS 服务配置中启用DNSSEC ![](https://img.limour.top/2023/10/28/653d06f4936f9.webp) ![](https://img.limour.top/2023/10/28/653d07482ee29.webp) ## DoH设置 + 导航栏-设置-DNS设置 + 加密中启用加密 + 证书可以设置为npm自动申请的证书 + 反代 `/dns-query`, `token`保密不要泄露 + `token`后面没有`/`, `dns-query`后面有`/` + 在chrome的设置-隐私和安全-安全-DNS中填入`https://my.com/token` + 回到仪表盘,看看有没有记录到DNS查询 ![](https://img.limour.top/2023/10/28/653d07f74eedb.webp)