This is a quick intro with how to use lokinet with dnscrypt-proxy on ubuntu/debian based distros to secure your dns queries from spying eyes, as requested by someone on an XMPP muc.
You want to first install
# apt update # apt install dnscrypt-proxy
lokinet see this blog post on how to do that.
By default your system will want to use
dnscrypt-proxy as system resolver, this is fine as you can always forward dns for
.snode to lokinet.
/etc/dnscrypt-proxy/dnscrypt-proxy.toml you want to add an option to provide a fowarding file:
forwarding_rules = '/etc/dnscrypt-proxy/forwarding-rules.txt'
In a new file at
/etc/dnscrypt-proxy/forwarding-rules.txt'put the following forwarding rules:
loki 127.3.2.1 snode 127.3.2.1 0.10.in-addr.arpa 127.3.2.1
The first rule says to forward the
.loki gtld to lokinet …