
Set up your own AdGuard Home DNS

Preface

I recently bought a domestic server and wasn't using it, so I might as well put it to use and build an AdGuard Home DNS to remove ads from the poor, pitiful apps in China.

Requirements

  • One server (preferably in the same country as you, please pay attention to local laws)
  • Server supports opening port 53
  • One brain
  • Two hands

Installation

One-click script:

curl -sSL https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh

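If the server is in mainland China, you can fetch the script through a mirror instead. Both commands pipe the downloaded script straight into sh, and the mirror is a third-party proxy, so this trusts it to serve the script unmodified: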

curl -sSL https://mirror.ghproxy.com/https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh


The installation is complete as shown in the figure, proceed to the next step.

Configuration

Open a browser and visit http://<server IP>:3000


Click on "Start Configuration", and you can enter your preferred port for the web management.

Oh, what's going on here? The wizard complains that port 53 is already in use. Don't worry, let's find the cause (if you don't have this problem, skip to the next step).

Troubleshooting

Enter lsof -i:53 and you will get

root@VM-0-9-ubuntu:~# lsof -i:53
COMMAND   PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 698 systemd-resolve   12u  IPv4  10013      0t0  UDP 127.0.0.53:domain
systemd-r 698 systemd-resolve   13u  IPv4  10014      0t0  TCP 127.0.0.53:domain (LISTEN)
named     725            bind   23u  IPv4  11889      0t0  UDP localhost:domain
named     725            bind   24u  IPv4  11898      0t0  UDP localhost:domain
named     725            bind   26u  IPv4  13187      0t0  TCP localhost:domain (LISTEN)
named     725            bind   27u  IPv4  13187      0t0  TCP localhost:domain (LISTEN)
named     725            bind   28u  IPv4  13187      0t0  TCP localhost:domain (LISTEN)
named     725            bind   29u  IPv4  11901      0t0  UDP 10.0.16.17:domain
named     725            bind   30u  IPv4  11902      0t0  UDP 10.0.16.17:domain
named     725            bind   32u  IPv4  11907      0t0  TCP 10.0.16.17:domain (LISTEN)
named     725            bind   33u  IPv4  11907      0t0  TCP 10.0.16.17:domain (LISTEN)
named     725            bind   34u  IPv4  11907      0t0  TCP 10.0.16.17:domain (LISTEN)
named     725            bind   35u  IPv6  11908      0t0  UDP ip6-localhost:domain
named     725            bind   36u  IPv6  11912      0t0  UDP ip6-localhost:domain
named     725            bind   37u  IPv6  11913      0t0  TCP ip6-localhost:domain (LISTEN)
named     725            bind   38u  IPv6  11913      0t0  TCP ip6-localhost:domain (LISTEN)
named     725            bind   39u  IPv6  11913      0t0  TCP ip6-localhost:domain (LISTEN)
named     725            bind   40u  IPv6  11914      0t0  UDP [fe80::5054:ff:fe5e:b356]:domain
named     725            bind   41u  IPv6  11921      0t0  UDP [fe80::5054:ff:fe5e:b356]:domain
named     725            bind   42u  IPv6  11922      0t0  TCP [fe80::5054:ff:fe5e:b356]:domain (LISTEN)
named     725            bind   43u  IPv6  11922      0t0  TCP [fe80::5054:ff:fe5e:b356]:domain (LISTEN)
named     725            bind   44u  IPv6  11922      0t0  TCP [fe80::5054:ff:fe5e:b356]:domain (LISTEN)

You can see that two processes are occupying port 53: named (bind9) and systemd-resolved (shown as systemd-r). Let's deal with named first.

systemctl stop bind9
systemctl disable bind9

Then lsof again

root@VM-0-9-ubuntu:~# lsof -i:53
COMMAND   PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 698 systemd-resolve   12u  IPv4  10013      0t0  UDP 127.0.0.53:domain
systemd-r 698 systemd-resolve   13u  IPv4  10014      0t0  TCP 127.0.0.53:domain (LISTEN)

You can see that named is gone ~~(if you like, you can also apt purge bind9 directly)~~
Next, let's deal with systemd-resolved (systemd-r).

mkdir -p /etc/systemd/resolved.conf.d
touch /etc/systemd/resolved.conf.d/adguardhome.conf
mv /etc/resolv.conf /etc/resolv.conf.backup
ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

Then write the following content to /etc/systemd/resolved.conf.d/adguardhome.conf using your favorite editor

[Resolve]
DNS=127.0.0.1
DNSStubListener=no

Then enter the following command

systemctl restart systemd-resolved

Then there should be no process occupying port 53

root@VM-0-9-ubuntu:~# lsof -i:53
root@VM-0-9-ubuntu:~#
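An added example (not part of the original post) that condenses `lsof -i:53` output to one line per process and marks whether it listens beyond loopback, which is the part that matters for exposure. The sample rows are constructed from the output shown above.

```shell
#!/bin/sh
# Added example: summarise `lsof -i:53` output as "<command> <pid> <scope>".
# scope is "loopback-only" when every socket is bound to 127.0.0.0/8,
# localhost, ip6-localhost or [::1]; otherwise it is "network".

port53_holders() {
    awk '
    $1 == "COMMAND" { next }          # header row
    $9 ~ /->/ { next }                # established connection, not a listener
    {
        key = $1 " " $2               # COMMAND and PID columns
        addr = $9                     # NAME column, e.g. 127.0.0.53:domain
        sub(/:[^:]*$/, "", addr)      # strip the trailing :port
        if (!(key in scope)) { order[++n] = key; scope[key] = "loopback-only" }
        if (addr !~ /^(127\.|localhost$|ip6-localhost$|\[::1\]$)/) scope[key] = "network"
    }
    END { for (i = 1; i <= n; i++) print order[i], scope[order[i]] }'
}

# Constructed sample: a subset of the rows from the first lsof run above.
sample_lsof() {
    cat <<'EOF'
COMMAND   PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 698 systemd-resolve   12u  IPv4  10013      0t0  UDP 127.0.0.53:domain
systemd-r 698 systemd-resolve   13u  IPv4  10014      0t0  TCP 127.0.0.53:domain (LISTEN)
named     725            bind   23u  IPv4  11889      0t0  UDP localhost:domain
named     725            bind   29u  IPv4  11901      0t0  UDP 10.0.16.17:domain
named     725            bind   37u  IPv6  11913      0t0  TCP ip6-localhost:domain (LISTEN)
EOF
}

sample_lsof | port53_holders
```

On the server itself, run `lsof -nP -i:53 | port53_holders`; once AdGuard Home is up it should be the only process listed.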


Refresh the page, and there should be no problem.
Click "Next" to set up the administrator account and password.

Click "Next".

Then it's basically done. Click "Open Dashboard" to log in.


Then click "Settings → DNS Settings → Upstream DNS Servers" in order.


Enter your preferred DNS (plain DNS, DoH, DoT, etc. are supported).

Then add a Bootstrap DNS server. Be sure to fill in the most popular DNS in your area here; otherwise the domain names of the upstream DNS servers (if they have any) cannot be resolved.

You can also add a backup (if the upstream server goes down, this will be used).


The sensitive information is blurred here, but it doesn't matter. I deleted the server I used in the tutorial.
Then test it, and if there are no issues, click "Save".


Then the setup is complete. Now, set the DNS of your home router (DHCP settings) or device to your server's IP address.
For ad filtering rules, please search online~

FAQ

  • Q: I don't have the qualifications to build a DNS server, but I just want to use it for myself. What should I do?
  • A: You can be a little clever here and only open port 53 for your own home network in the server's security group (I don't know if there will be any problems, but I have been using it for almost a month without any issues). If you are still worried, you can uninstall the agent of the service provider, which can be found by searching online for major companies.
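The same restriction can also be enforced on the server itself, so the resolver is not left open if the security group is ever changed. The following is an added example, not from the original post: it generates an nftables ruleset that admits only one source network to port 53 and to the web UI. The table name `adguard_dns`, the default web port 3000 and the 203.0.113.0/24 sample network are assumptions.

```shell
#!/bin/sh
# Added example: emit an nftables ruleset that only lets one source network
# reach the resolver (53/udp, 53/tcp) and the AdGuard Home web UI.
# home_cidr and admin_port are values you supply; 203.0.113.0/24 below is a
# documentation range used as a constructed sample.

dns_allowlist_rules() {
    home_cidr=$1
    admin_port=${2:-3000}

    # Accept only a plain IPv4 address/CIDR and a numeric port, so nothing
    # unexpected gets interpolated into the ruleset.
    case $home_cidr in
        ''|*[!0-9./]*) echo "invalid IPv4 CIDR: $home_cidr" >&2; return 1 ;;
    esac
    case $admin_port in
        ''|*[!0-9]*) echo "invalid port: $admin_port" >&2; return 1 ;;
    esac

    cat <<EOF
table inet adguard_dns {
    chain input {
        type filter hook input priority 0; policy accept;
        iifname "lo" accept
        ct state established,related accept
        ip saddr $home_cidr udp dport 53 accept
        ip saddr $home_cidr tcp dport { 53, $admin_port } accept
        udp dport 53 drop
        tcp dport { 53, $admin_port } drop
    }
}
EOF
}

# Print the ruleset for the sample network. After reviewing it, load it with:
#   dns_allowlist_rules <your-home-CIDR> <web-port> | nft -f -
dns_allowlist_rules 203.0.113.0/24
```

Because the drop rules name no address family inside an `inet` table, IPv6 clients are blocked from port 53 and the web UI as well.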


  • Q: After setting up the DNS, I can't use the service provider's internal mirror source. What should I do?
  • A: Add your service provider's internal DNS to /etc/resolv.conf. Here, I will use Tencent Cloud as an example. If you have a normal purchased server or a lightweight cloud server and you didn't modify the network settings when purchasing, it is usually a VPC network. After clearing /etc/resolv.conf, enter the following content and save it:
nameserver 183.60.83.19
nameserver 183.60.82.98

For other providers or other types, you can find them by searching online.

Conclusion

If you find this article helpful, please share it with friends who need it. If you can sponsor the author's cat, it would be even better~ See you Next Time~

This article is synchronized and updated to xLog by Mix Space.
The original link is https://blog.nekorua.com/posts/build/97.html

