search

notthebee / ansible-easy-vpn

An Ansible playbook that sets up a Wireguard server with ad blocking, DNS-over-HTTPS, and a WebUI with 2FA
Other
1.04k stars 250 forks source link

Using AdGuard for home network DNS #192

Closed Drknz056 closed 1 year ago

Drknz056 commented 1 year ago

Hi Wolfgang,

Just wondering if it would be possible to use the AdGuard server setup in the script as a home DNS service. The issue I'm having is I'd like my home DNS to run through AdGuard as well as when I'm connected to the WireGuard VPN.

I've installed Portainer and tried putting the adguard-unbound-doh container on the same network as my local VPS (bridge). However, I can only seem to access the interface from the domain URL created during setup and doesn't work when I point my router to the VPS IP.

Hopefully, this is possible as it would be ideal instead of running separate instances of AdGuard (If that's possible?).

notthebee commented 1 year ago

This is by design. Using the Adguard instance on another computer would require you to expose the DNS port to the outside world, making it publicly available.

This is a bad idea and will open up your server for various attacks.

Because of that, using the Adguard instance from a different computer is not a supported use case

yusyel commented 9 months ago

@notthebee

Hey there, I actually tested this. You can still use adguard dns over https address without opening port 53 publicly.

You can't dig plain address but you can dig ip address with +doh.

do you think this secure with this way? Also configured firewalld allowed only 22,443.