diff --git a/doc/ADMIN.md b/doc/ADMIN.md index 53e6c13..0e6ce97 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -8,10 +8,13 @@ This setting is **disabled** by default. You need to know that anyone who knows your server's IP can make a DNS request to it. It may be used to perform [amplification attacks](https://en.wikipedia.org/wiki/Denial-of-service_attack#Amplification)! -To use AdGuard Home in your domestic network, you don't need to activate this. -You simply have to use your local IP adress (like `192.168.0.1` or so) as DNS IP for your IT hardware at home. +To use AdGuard Home in your home network, you don't need to activate this setting. +You simply have to use the private IP adress of your server (like `192.168.0.1` or so) as DNS IP for your IT hardware at home. +The right IP to use are shown in the "Setup Guide" page of your AdGuard Home instance. -Warning: you should not have public IPs of the config file if the port 53 is not exposed on Internet (else: AGH crashes) +If you would expose the port 53 on Internet, you'll be able to use the public IP of your server (the same as in your domain name DNS settings) on any device outside your home network. + +**Warning:** you should not have public IPs of the config file if the port 53 is **not exposed** on Internet (else: AGH crashes) They should be automatically removed when upgrading this package or when modifiying this port 53 exposure setting, but it's in the docs just in case. You can remove them in your config file `/var/www/adguardhome/AdGuardHome.yaml` in the `dns: bind_hosts:` section. Any IP that doesn't start with the folowing are public ones: @@ -20,13 +23,13 @@ Any IP that doesn't start with the folowing are public ones: - `169.` - `172.` - `192.168.` +- `fcxx:` (where the `x` can be any hexadecimal character) - `fdxx:` (where the `x` can be any hexadecimal character) - `fe80:` So, any other IP should be a public one. -Restart AdGuard Home after applying the needed edits: -`yunohost service restart adguardhome` +Restart AdGuard Home after applying the needed edits: `yunohost service restart adguardhome` ## Enable DNS over HTTP and DNS over QUIC? @@ -35,7 +38,7 @@ This setting is **disabled** by default. You need to know that anyone who knows your AdGuard Home domain-name can make a DNS request to it. It may be used to perform [amplification attacks](https://en.wikipedia.org/wiki/Denial-of-service_attack#Amplification)! It's really important to use the configuration panel to deactivate this setting, and **NOT** the built-in setting in the AdGuardHome interface. -This is because YunoHost needs to perform actions such as automatically opening or closing the server's ports, which cannot be done without going through the configuration panel. +This is because YunoHost needs to perform actions such as automatically opening or closing the server's ports and refresh the IP to provide to AdGuard Home, which cannot be done without going through the configuration panel. If you host your machine at home, for using DoH or DoQ, you have to open the following ports on your router: diff --git a/doc/PRE_UPGRADE.d/0.107.43~ynh4 b/doc/PRE_UPGRADE.d/0.107.43~ynh4 index f875c5c..ca9c173 100644 --- a/doc/PRE_UPGRADE.d/0.107.43~ynh4 +++ b/doc/PRE_UPGRADE.d/0.107.43~ynh4 @@ -7,6 +7,9 @@ Applications → AdGuard Home → AdGuard Home configuration - Expose port 53 to the Internet? - Enable DNS-over-HTTPS/QUIC? +It's really important to use the configuration panel to activate or deactivate the DNS-over-HTTPS/QUIC setting, and **NOT** the built-in setting in the AdGuardHome interface. +This is because YunoHost needs to perform actions such as automatically opening or closing the server's ports and refresh the IP to provide to AdGuard Home, which cannot be done without going through the configuration panel. + This update is at risk of crashing AdGuard Home, so: If any trouble or question, please refer to [the package's admin docs](https://github.com/YunoHost-Apps/adguardhome_ynh/blob/master/doc/ADMIN.md)! ^w^ If needed and a similar issue does not already exist, please [open an issue on the GitHub's package page](https://github.com/YunoHost-Apps/adguardhome_ynh/issues)!