_ _ _ _ __| | ___ | |__ | (_) / _` |/ _ \| '_ \| | | | (_| | (_) | | | | | | \__,_|\___/|_| |_|_|_|
dohli (pronounced do-kh-li) is a simple and easy to deploy DNS-over-HTTPS (DoH) server that blocks ads and malicious sites.
One of the central points of critique against DoH, is the centralization of data: the big companies that power the internet-scale DoH servers used by default by applications like web browsers, are granted the privilege of unique access to browsing data that spans multiple sites or devices, risking the privacy and security of users.
User-owned DoH servers are a way to solve this problem. In addition, they provide an additional layer of privacy, by masking the DoH client address. Also, DoH servers like dohli, that use a random DNS server for each query, give each company a partial view of the user's browsing habits.
dohli is written in Go.
It performs the actual resolving work using traditional DNS over UDP.
It uses Redis to cache DNS responses, and as a job queue.
A worker container gets notified each time a new domain name is resolved, then checks whether or not this domain should be blocked, against Steven Black's unified domain blacklist, the Energized Protection domain blacklist and URLHaus.
If yes, blocking is performed by inserting a cache entry that has no expiration time. Therefore, dohli needs some time for "training" and the client's DNS cache must expire, before ads are blocked.
Every day, dohli's CI/CD pipeline deploys the
master branch to
https://dohli.herokuapp.com, with an updated domain blacklist.
/dns-query to the web URL and configure your DoH client to use this as the DoH server.
For example, DoH clients that use the dohli instance deployed by CI/CD should use
heroku create -s container --addons heroku-redis heroku redis:maxmemory $ADDON_NAME --policy allkeys-lru git push heroku master heroku ps:scale web=1 worker=1
dohli is free and unencumbered software released under the terms of the MIT license; see COPYING for the license text.
The ASCII art logo at the top was made using FIGlet.