Are the njs.d code and the following config working? https://github.com/TuxInvader/nginx-dns/blob/master/examples/nginx-doh-and-dot-to-dns.conf
I have used the above configuration "as is" with my installed nginx/1.21.3, except I changed the cert path to my certbot-generated key/cert and I removed listening on UDP port 53.
I have tried with my Android phone using private DNS and it failed. I also tried the following command, which prints out bad gateway after a few seconds:
curl -s -H 'accept: application/dns+json' 'https://myprivdns.xxx/dns-query?name=google.com&type=A'
In /var/log/nginx/error.log I see:
2021/10/24 02:39:15 [warn] 13833#13833: 17 js: process_doh_request: QS Params: name=google.com,type=A
2021/10/24 02:39:15 [warn] 13833#13833: 17 js: process_doh_request: DNS Req: GET /dns-query?name=google.com&type=A HTTP/1.1
2021/10/24 02:39:17 [error] 13833#13833: *15 upstream prematurely closed connection while reading response header from upstream, client: 68.5.189.64, server: , request: "GET /dns-query?name=google.com&type=A HTTP/2.0", upstream: "http://127.0.0.1:8053/dns-query?name=google.com&type=A", host: "myprivdns.xxx"
In /var/log/nginx/doh-access.log I see:
68.5.189.64 - - [24/Oct/2021:02:39:17 +0100] "GET /dns-query?name=google.com&type=A HTTP/2.0" [ 1635039557.830, 2.005, 2.004 . ] 502 157 "-" - - - - - MISS