Blocky
Blocky is a DNS proxy and ad-blocker for the local network written in Go.
Note
In this guide we use it to set up our own DoH (DNS over HTTPS) server. It can also be configured as a standard DNS and DoT (DNS over TLS) server, but you won’t be able to run it on the standard ports 53 and 853. We only cover DoH in this guide.
Note
For this guide you should be familiar with the basic concepts of
Installation
We create the working directory, download the latest version and extract the file.
[isabell@stardust ~]$ mkdir blocky
[isabell@stardust ~]$ cd blocky
[isabell@stardust blocky]$ wget https://github.com/0xERR0R/blocky/releases/download/v0.25/blocky_v0.25_Linux_x86_64.tar.gz
[isabell@stardust blocky]$ tar -xzf blocky_v0.25_Linux_x86_64.tar.gz
[isabell@stardust blocky]$ rm blocky_v0.25_Linux_x86_64.tar.gz
[isabell@stardust blocky]$
Configuration
To set up blocky, create a config.yml file with your favorite text editor.
upstreams:
  groups:
    default:
      - https://dns.quad9.net/dns-query
blocking:
  denylists:
    ads:
      - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
  clientGroupsBlock:
    default:
      - ads
ports:
  dns:
  http: 4000
Service
Now you should set up a service that keeps blocky alive while you are gone. Create the file ~/etc/services.d/blocky.ini with the following content:
[program:blocky]
directory=%(ENV_HOME)s/blocky
command=%(ENV_HOME)s/blocky/blocky --config config.yml
autostart=yes
autorestart=yes
startsecs=30
After creating the configuration, tell supervisord to refresh its configuration and start the service:
[isabell@stardust ~]$ supervisorctl reread
SERVICE: available
[isabell@stardust ~]$ supervisorctl update
SERVICE: added process group
[isabell@stardust ~]$ supervisorctl status
SERVICE RUNNING pid 26020, uptime 0:03:14
[isabell@stardust ~]$
Web Backend
Note
Blocky should now be running on port 4000.
To make the application accessible from the outside, configure a web backend:
[isabell@stardust ~]$ uberspace web backend set / --http --port <port>
Set backend for / to port <port>; please make sure something is listening!
You can always check the status of your backend using "uberspace web backend list".
[isabell@stardust ~]$
[isabell@stardust ~]$ uberspace web backend set /dns-query --http --port 4000
[isabell@stardust ~]$
Note
This configuration will expose Blocky only to DNS queries. If you wish to use the API or debug interface, set the path in the web backend to /.
Updates
Note
Check the update feed regularly to stay informed about the newest version.
Change the version and repeat the installation step.
Tested with Blocky 0.25, Uberspace 7.16.3
Written by: Thomas Johnson <https://johnson.tj/>