From 57927b1483e7c144e62011aaa018eeb15da1b2d2 Mon Sep 17 00:00:00 2001
From: Tran Hau <ngtranhau@gmail.com>
Date: Sun, 2 Feb 2020 11:52:14 +0700
Subject: [PATCH] install dnscrypt

---
 install-dnscrypt.md | 58 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 install-dnscrypt.md

diff --git a/install-dnscrypt.md b/install-dnscrypt.md
new file mode 100644
index 0000000..71456c2
--- /dev/null
+++ b/install-dnscrypt.md
@@ -0,0 +1,58 @@
+# Install DNSCrypt
+
+What is DNSCrypt? Why use DNSCrypt? These questions can be answered by simple Google search, and I don't know where to start.
+
+This guide is thing I save for myself, so be careful.
+
+---
+
+Assume you use Archlinux and NetworkManager, because I use those.
+
+Read [dnscrypt-proxy](https://wiki.archlinux.org/index.php/Dnscrypt-proxy).
+Read [dnsmasq](https://wiki.archlinux.org/index.php/Dnsmasq).
+Read [NetworkManager](https://wiki.archlinux.org/index.php/NetworkManager).
+
+---
+
+Install dnscrypt-proxy, dnsmasq.
+
+Edit `/etc/dnscrypt-proxy/dnscrypt-proxy.toml`:
+
+- Change `listen_addresses` option:
+
+```toml
+listen_addresses = ['127.0.0.1:53000', '[::1]:53000']
+```
+
+- Change `server_names` option to use Cloudflare:
+
+```toml
+server_names = ['cloudflare', 'cloudflare-ipv6']
+```
+
+Edit `/etc/resolv.conf`:
+
+```txt
+nameserver ::1
+nameserver 127.0.0.1
+options edns0 single-request-reopen
+```
+
+Edit `/etc/dnsmasq.conf`:
+
+```txt
+cache-size=1000
+no-resolv
+server=::1#53000
+server=127.0.0.1#53000
+listen-address=::1,127.0.0.1
+```
+
+Edit `/etc/NetworkManager/conf.d/dns.conf` to prevent NetworkManager change `/etc/resolv.conf`:
+
+```txt
+[main]
+dns=none
+```
+
+Finally, restart `NetworkManager.service` and start/enable `dnscrypt-proxy.service`, `dnsmasq.service`.