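#!/bin/bash
################################################################################################
### bash <(curl -fsSL https://raw.lhy.life/cf-doh.sh) --upstream=https://1.1.1.1/dns-query
###
### Installs cloudflared as a local DNS-over-HTTPS proxy (systemd unit "cloudflared-doh")
### and points the system resolver at 127.0.0.1. Writes to /root and /etc, so it needs root.
###
### Options:
###   --upstream=URL   DoH endpoint handed to `cloudflared proxy-dns --upstream`
###                    (default: https://1.1.1.1/dns-query)
###   --sha256=HEX     optional expected SHA-256 of the downloaded cloudflared binary;
###                    when given, installation aborts on mismatch
################################################################################################

## GetArgValue
## ./script --key=value
g_args=("$@")

# Print the value of the first "--<key>=<value>" argument, or <default> if none matches.
# Arguments: $1 - key name (without the leading "--"), $2 - default value
function GetArgValue() {
    local key="$1"
    local defvalue="$2"
    local arg
    for arg in "${g_args[@]}"
    do
        if [[ "$arg" == "--$key="* ]]
        then
            printf '%s\n' "${arg#*=}"
            return
        fi
    done
    printf '%s\n' "$defvalue"
}

# Print a message to stderr and abort the installation.
function Die() {
    printf 'cf-doh: %s\n' "$*" >&2
    exit 1
}

[ "$(id -u)" -eq 0 ] || Die "must be run as root (writes to /root and /etc)"

UPSTREAM=$(GetArgValue "upstream" "https://1.1.1.1/dns-query")
EXPECTED_SHA256=$(GetArgValue "sha256" "")

# $UPSTREAM is written verbatim into the systemd unit's ExecStart line below.
# Restrict it to URL characters so whitespace, newlines, quotes, '$' or '%'
# cannot add extra arguments or extra unit directives.
upstream_re='^https://[][A-Za-z0-9._~:/?&=+-]+$'
[[ "$UPSTREAM" =~ $upstream_re ]] || Die "invalid --upstream value (expected an https:// URL)"

if [ -n "$EXPECTED_SHA256" ]; then
    EXPECTED_SHA256="${EXPECTED_SHA256,,}"
    [[ "$EXPECTED_SHA256" =~ ^[0-9a-f]{64}$ ]] || Die "invalid --sha256 value (expected 64 hex digits)"
fi

# Host part of the upstream URL; used as a temporary resolver while downloading.
UPSTREAM_TEMP="${UPSTREAM#https://}"
UPSTREAM_TEMP="${UPSTREAM_TEMP%%/*}"

# Remove a previous installation (best effort: the unit may not be registered).
if [ -f "/root/apps/cloudflared/cloudflared" ]; then
    systemctl stop cloudflared-doh
    systemctl disable cloudflared-doh
    rm -rf /root/apps/cloudflared
    systemctl daemon-reload
fi

mkdir -p /root/apps/cloudflared || Die "cannot create /root/apps/cloudflared"
cd /root/apps/cloudflared || Die "cannot cd to /root/apps/cloudflared"

# NOTE(review): on a re-run this overwrites the earlier backup with a resolv.conf
# that already points at 127.0.0.1, so the pre-install resolver is not kept.
cp /etc/resolv.conf /etc/resolv.conf.bak

# resolv.conf "nameserver" only accepts an IP address. Use the upstream host as a
# temporary resolver only when it is an IPv4 literal; a hostname (or host:port)
# here would leave the system without working DNS for the download.
if [[ "$UPSTREAM_TEMP" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
    echo "nameserver $UPSTREAM_TEMP" > /etc/resolv.conf
else
    echo "cf-doh: upstream host is not an IPv4 literal; keeping current /etc/resolv.conf for the download" >&2
fi

# NOTE(review): this fetches the unpinned "latest" release and the resulting binary
# runs as a root-owned service. Pin a specific release and pass its published
# SHA-256 via --sha256 to get an integrity check.
wget -O "cloudflared" "https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64" \
    || Die "download of cloudflared failed (resolver backup is /etc/resolv.conf.bak)"
[ -s cloudflared ] || Die "downloaded cloudflared binary is empty"

if [ -n "$EXPECTED_SHA256" ]; then
    if ! printf '%s  %s\n' "$EXPECTED_SHA256" "cloudflared" | sha256sum -c - >/dev/null; then
        rm -f -- cloudflared
        Die "SHA-256 mismatch for downloaded cloudflared binary"
    fi
else
    echo "cf-doh: no --sha256 given; downloaded binary is not integrity-checked" >&2
fi
chmod +x cloudflared

# The unit has no User= line, so the proxy runs as root; the binary lives under
# /root, which an unprivileged service user could not normally read.
cat > cloudflared-doh.service <<EOF
[Unit]
Description=DNS over HTTPS (DoH) proxy client
Wants=network-online.target nss-lookup.target
Before=nss-lookup.target

[Service]
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
ExecStart=/root/apps/cloudflared/cloudflared proxy-dns --upstream $UPSTREAM --max-upstream-conns 0

[Install]
WantedBy=multi-user.target
EOF

# -f: a link left over from an earlier run must not make the install fail.
ln -sf /root/apps/cloudflared/cloudflared-doh.service /etc/systemd/system/cloudflared-doh.service
systemctl daemon-reload
# Do not point the system resolver at 127.0.0.1 unless the proxy was started.
systemctl restart cloudflared-doh || Die "cloudflared-doh failed to start; /etc/resolv.conf not switched to 127.0.0.1"
systemctl enable cloudflared-doh

# Keep dhclient from replacing the local resolver on lease renewal.
if [ -f /etc/dhcp/dhclient.conf ]; then
    cp /etc/dhcp/dhclient.conf /etc/dhcp/dhclient.conf.bak
    sed -i "/^supersede domain-name-servers/d" /etc/dhcp/dhclient.conf
    echo 'supersede domain-name-servers 127.0.0.1;' >> /etc/dhcp/dhclient.conf
fi

echo 'nameserver 127.0.0.1' > /etc/resolv.conf
echo 'done'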