From 1afd73ad0b50037bdb58130c7a21e080de88ea7d Mon Sep 17 00:00:00 2001 From: Ainar Garipov Date: Fri, 19 Aug 2022 17:36:51 +0300 Subject: [PATCH] Pull request #1572: 4640-imp-upstream-doc Updates #4640. Squashed commit of the following: commit 764b024e7a5a5f6ea2b18b5e13fdc4fa38c49af2 Merge: 7bace870 6856a803 Author: Ainar Garipov Date: Fri Aug 19 17:17:44 2022 +0300 Merge branch 'master' into 4640-imp-upstream-doc commit 7bace870102633a2b8323c5f448ed38b65f4b482 Author: Ainar Garipov Date: Thu Aug 18 19:49:07 2022 +0300 all: imp upstream examples --- CHANGELOG.md | 6 +- client/src/__locales/en.json | 2 + .../Settings/Dns/Upstream/Examples.js | 204 +++++++++--------- client/src/helpers/constants.js | 2 +- openapi/v1.yaml | 11 +- scripts/make/Dockerfile | 3 + 6 files changed, 113 insertions(+), 115 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 12118439..56360e30 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,10 @@ and this project adheres to ### Deprecated +- Ports 784 and 8853 for DNS-over-QUIC in Docker images. Users who still serve + DoQ on these ports are encouraged to move to the standard port 853. These + ports will be removed from the `EXPOSE` section of our `Dockerfile` in a + future release. - Go 1.18 support. v0.109.0 will require at least Go 1.19 to build. [#2993]: https://github.com/AdguardTeam/AdGuardHome/issues/2993 @@ -48,7 +52,7 @@ See also the [v0.107.11 GitHub milestone][ms-v0.107.11]. ### Changed -- DNS-over-QUIC connections now use keepalive. +- DNS-over-QUIC connections now use keptalive. ### Fixed diff --git a/client/src/__locales/en.json b/client/src/__locales/en.json index af748038..ca423562 100644 --- a/client/src/__locales/en.json +++ b/client/src/__locales/en.json @@ -211,12 +211,14 @@ "example_comment_hash": "# Also a comment.", "example_regex_meaning": "block access to domains matching the specified regular expression.", "example_upstream_regular": "regular DNS (over UDP);", + "example_upstream_regular_port": "regular DNS (over UDP, with port);", "example_upstream_udp": "regular DNS (over UDP, hostname);", "example_upstream_dot": "encrypted <0>DNS-over-TLS;", "example_upstream_doh": "encrypted <0>DNS-over-HTTPS;", "example_upstream_doq": "encrypted <0>DNS-over-QUIC;", "example_upstream_sdns": "<0>DNS Stamps for <1>DNSCrypt or <2>DNS-over-HTTPS resolvers;", "example_upstream_tcp": "regular DNS (over TCP);", + "example_upstream_tcp_port": "regular DNS (over TCP, with port);", "example_upstream_tcp_hostname": "regular DNS (over TCP, hostname);", "all_lists_up_to_date_toast": "All lists are already up-to-date", "updated_upstream_dns_toast": "Upstream servers successfully saved", diff --git a/client/src/components/Settings/Dns/Upstream/Examples.js b/client/src/components/Settings/Dns/Upstream/Examples.js index 81d171d3..c17e9456 100644 --- a/client/src/components/Settings/Dns/Upstream/Examples.js +++ b/client/src/components/Settings/Dns/Upstream/Examples.js @@ -8,133 +8,123 @@ const Examples = (props) => ( examples_title:
  1. - 94.140.14.140: {props.t('example_upstream_regular')} + 94.140.14.140, 2a10:50c0::1:ff: {props.t('example_upstream_regular')} +
  2. +
  3. + 94.140.14.140:53, [2a10:50c0::1:ff]:53: {props.t('example_upstream_regular_port')}
  4. udp://unfiltered.adguard-dns.com: example_upstream_udp
  5. - tcp://94.140.14.140: example_upstream_tcp + tcp://94.140.14.140, tcp://[2a10:50c0::1:ff]: example_upstream_tcp +
  6. +
  7. + tcp://94.140.14.140:53, tcp://[2a10:50c0::1:ff]:53: example_upstream_tcp_port
  8. tcp://unfiltered.adguard-dns.com: example_upstream_tcp_hostname
  9. - tls://unfiltered.adguard-dns.com: - - - DNS-over-TLS - , - ]} - > - example_upstream_dot - - + tls://unfiltered.adguard-dns.com: + DNS-over-TLS + , + ]} + > + example_upstream_dot +
  10. - https://unfiltered.adguard-dns.com/dns-query: - - - DNS-over-HTTPS - , - ]} - > - example_upstream_doh - - + https://unfiltered.adguard-dns.com/dns-query: + DNS-over-HTTPS + , + ]} + > + example_upstream_doh +
  11. - quic://unfiltered.adguard-dns.com:784: - - - DNS-over-QUIC - , - ]} - > - example_upstream_doq - - + quic://unfiltered.adguard-dns.com: + DNS-over-QUIC + , + ]} + > + example_upstream_doq +
  12. - sdns://...: - - - DNS Stamps - , - - DNSCrypt - , - - DNS-over-HTTPS - , - ]} - > - example_upstream_sdns - - + sdns://...: + DNS Stamps + , + + DNSCrypt + , + + DNS-over-HTTPS + , + ]} + > + example_upstream_sdns +
  13. - [/example.local/]94.140.14.140: - - - Link - , - ]} - > - example_upstream_reserved - - + [/example.local/]94.140.14.140: + Link + , + ]} + > + example_upstream_reserved +
  14. - {COMMENT_LINE_DEFAULT_TOKEN} comment: - - example_upstream_comment - + {COMMENT_LINE_DEFAULT_TOKEN} comment: + example_upstream_comment +
diff --git a/client/src/helpers/constants.js b/client/src/helpers/constants.js index a5c1d2ee..935e3655 100644 --- a/client/src/helpers/constants.js +++ b/client/src/helpers/constants.js @@ -81,7 +81,7 @@ export const STANDARD_DNS_PORT = 53; export const STANDARD_WEB_PORT = 80; export const STANDARD_HTTPS_PORT = 443; export const DNS_OVER_TLS_PORT = 853; -export const DNS_OVER_QUIC_PORT = 784; +export const DNS_OVER_QUIC_PORT = 853; export const MAX_PORT = 65535; export const EMPTY_DATE = '0001-01-01T00:00:00Z'; diff --git a/openapi/v1.yaml b/openapi/v1.yaml index bdf49383..77eb1a09 100644 --- a/openapi/v1.yaml +++ b/openapi/v1.yaml @@ -4405,7 +4405,7 @@ Validatable TLS settings. 'example': 'certificate_path': '/etc/ssl/example.com.cert' - 'port_dns_over_quic': 784 + 'port_dns_over_quic': 853 'port_dns_over_tls': 853 'port_https': 443 'private_key_path': '/etc/ssl/example.com.key' @@ -4427,7 +4427,7 @@ sent. 'type': 'string' 'port_dns_over_quic': - 'default': 784 + 'default': 853 'description': > The DNS-over-QUIC port. If `0`, DNS-over-QUIC is disabled. 'format': 'int64' @@ -4865,7 +4865,7 @@ 'example': 'certificate_path': '/etc/ssl/example.com.cert' 'enabled': true - 'port_dns_over_quic': 784 + 'port_dns_over_quic': 853 'port_dns_over_tls': 853 'port_https': 443 'private_key_path': '/etc/ssl/example.com.key' @@ -4907,7 +4907,7 @@ DNS-over-TLS and other protocols. 'type': 'boolean' 'port_dns_over_quic': - 'default': 784 + 'default': 853 'description': > The DNS-over-QUIC port. If `0`, DNS-over-QUIC is disabled. 'format': 'int64' @@ -5002,8 +5002,7 @@ * `https://unfiltered.adguard-dns.com/dns-query`: encrypted DNS-over-HTTPS. - * `quic://unfiltered.adguard-dns.com:784`: encrypted DNS-over-QUIC - (experimental). + * `quic://unfiltered.adguard-dns.com`: encrypted DNS-over-QUIC. * `tcp://94.140.14.140`: plain DNS-over-TCP. diff --git a/scripts/make/Dockerfile b/scripts/make/Dockerfile index b87ee360..a940a155 100644 --- a/scripts/make/Dockerfile +++ b/scripts/make/Dockerfile @@ -48,6 +48,9 @@ RUN setcap 'cap_net_bind_service=+eip' /opt/adguardhome/AdGuardHome # 5443 : TCP, UDP : DNSCrypt (alt) # 6060 : TCP : HTTP (pprof) # 8853 : UDP : DNS-over-QUIC (experimental) +# +# TODO(a.garipov): Remove the old, non-standard 784 and 8853 ports for +# DNS-over-QUIC in a future release. EXPOSE 53/tcp 53/udp 67/udp 68/udp 80/tcp 443/tcp 443/udp 784/udp\ 853/tcp 853/udp 3000/tcp 3000/udp 3001/tcp 3001/udp 5443/tcp\ 5443/udp 6060/tcp 8853/udp