YunoHost-Apps/adguardhome_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/adguardhome_ynh.git synced 2024-09-03 18:06:23 +02:00
Code Issues Activity Actions

add docs

Browse source
This commit is contained in:
OniriCorpe 2023-12-27 06:01:21 +01:00
parent ac4223c5d6
commit 8734f31e98
2 changed files with 50 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
doc/ADMIN.md Normal file
View file

@ -0,0 +1,44 @@
# Admin notebook of YunoHost's AdGuard Home
You want to be sure to understand the config settings? You're at the right place! ^w^
## Expose port 53 to the Internet?
This setting is **disabled** by default.
You need to know that anyone who knows your server's IP can make a DNS request to it. It may be used to perform [amplification attacks](https://en.wikipedia.org/wiki/Denial-of-service_attack#Amplification)!
To use AdGuard Home in your domestic network, you don't need to activate this.
You simply have to use your local IP adress (like `192.168.0.1` or so) as DNS IP for your IT hardware at home
Warning: you should not have public IPs of the config file if the port 53 is not exposed on Internet (else: AGH crashes)
You can remove them in your config file `/var/www/adguardhome/AdGuardHome.yaml` in the `dns: bind_hosts:` section
Any IP that doesn't start with the folowing are public ones:
- `10.`
- `169.`
- `172.`
- `192.168.`
- `fdxx:` (where the `x` can be any hexadecimal character)
- `fe80:`
So, any other IP should be a public one.
Restart AdGuard Home after applying the needed edits:
`yunohost service restart adguardhome`
## Enable DNS over HTTP and DNS over QUIC?
This setting is **disabled** by default.
You need to know that anyone who knows your AdGuard Home domain-name can make a DNS request to it. It may be used to perform [amplification attacks](https://en.wikipedia.org/wiki/Denial-of-service_attack#Amplification)!
It's really important to use the configuration panel to deactivate this setting, and **NOT** the built-in setting in the AdGuardHome interface.
This is because YunoHost needs to perform actions such as automatically opening or closing the server's ports, which cannot be done without going through the configuration panel.
If you host your machine at home, for using DoH or DoQ, you have to open the following ports on your router:
- `853` in TCP & UDP (for DNS over HTTP)
- `784` in UDP (for DNS over QUIC)
Then you can use `https://adguard.example.com/dns-query` (where `adguard.example.com` is the domain-name associated to your AdGuard Home) as a DoH or DoQ DNS server for your devices. ^w^

7
doc/PRE_UPGRADE.d/0.107.43~ynh4
View file

@ -5,4 +5,9 @@ From this 0.107.43~ynh4 version, some things have changed:
To activate either of these features, please use the config panel:
Applications → AdGuard Home → AdGuard Home configuration
- Expose port 53 to the Internet?
- Enable DNS-over-HTTPS/QUIC?
- Enable DNS-over-HTTPS/QUIC?
This update is at risk of crashing AdGuard Home
If any trouble or question, please refer to [the package's admin docs](https://github.com/YunoHost-Apps/adguardhome_ynh/blob/master/doc/ADMIN.md)! ^w^
If needed and a similar issue does not already exist, please [open an issue on the GitHub's package page](https://github.com/YunoHost-Apps/adguardhome_ynh/issues)!