I have a fedora system i was using fot with systemd resolved but i want it use doh how can i do it.
# Set up DoH client
sudo dnf install dnscrypt-proxy
sudo sed -i -r -e "s|^(dnscrypt_servers\s=\s).*$|\1false|" \
/etc/dnscrypt-proxy/dnscrypt-proxy.toml
sudo mkdir -p /var/cache/dnscrypt-proxy
sudo systemctl --now enable dnscrypt-proxy.service
# Discard DNS provided by NM
sudo tee /etc/NetworkManager/conf.d/00-custom.conf << EOF > /dev/null
[main]
dns=none
systemd-resolved=false
EOF
sudo systemctl restart NetworkManager.service
# Make systemd-resolved use DoH client
sudo rm -f -R /run/systemd/resolve/netif
sudo mkdir -p /etc/systemd/resolved.conf.d
sudo tee /etc/systemd/resolved.conf.d/00-custom.conf << EOF > /dev/null
[Resolve]
DNS=127.0.0.1
EOF
sudo systemctl restart systemd-resolved.service
This is a hard process and does not seems like a reversible process.
Since neither NetworkManager nor systemd-resolved directly support DoH, setting it up system-wide requires some effort, no matter which method you decide to use.
On the other hand, you can simply utilize DoH in the browser if you don’t need it to operate system-wide.
1 Like