Skip to content

superjcvd/audacious_dns

BranchesTags

Repository files navigation

Audacious DNS

DNS filtering platform with DNS-over-HTTPS (DoH), a web UI, and an API to manage domains, clients, and blocklists.

Architecture

                    Internet (clients)
                              │
                              ▼
    ┌─────────────────────────────────────────────────────────────┐
    │         Reverse proxy (Nginx · audacious_frontend)          │
    │              :80 / :443 · TLS · LetsEncrypt                 │
    └────────────────────┬────────────────────┬───────────────────┘
                         │                    │
           api.<domain>  │                    │  dns.<domain>
                         │                    │  · SPA
                         ▼ SPA calls API      │  · DoH + DNS
                ┌───────────────┐             │
                │ audacious_api │             │
                │ FastAPI :8080 │             ▼
                │               │     ┌─────────────────┐
                └───────┬───────┘     │ audacious_core  │
                        │             │ dnsdist         │
                        │             │ PowerDNS        │
                        ▼             └────────┬────────┘
                ┌────────────────┐             │
                │ database (vol) │             ▼
                └────────────────┘     ┌────────────────┐
                                       │ upstream       │
                                       │ resolvers      │
                                       └────────────────┘

Components

Component Role
Reverse proxy (Nginx in audacious_frontend) Publishes the API, the DoH server, and the frontend SPA. TLS termination, routing by host/path.
Frontend SPA Web UI served at dns.<domain>; talks to the API to manage domains, clients, blocklists.
audacious_api REST API (domains, clients, categories, stats). Feeds blocklist/config to the core.
audacious_core DoH (/dns-query on :5300) and DoT (:853). dnsdist + PowerDNS Recursor; applies policy and recursion.

Requirements

  • Docker and Docker Compose
  • LetsEncrypt certificates for api.<domain>, dns.<domain>, and optional custom domain (e.g. capysecurity.com)
  • Host ports 80, 443 (frontend), and optionally 53, 853 (if exposing core directly)

Quick start

  1. Build images

    docker compose build

  2. Run

    docker compose up -d

  3. Configure
    Edit docker-compose.yaml and the frontend Dockerfile build args: domain, ip_address, custom_domain so Nginx and cert paths match your setup.

  4. Certificates
    Mount your LetsEncrypt dir (e.g. /etc/letsencrypt) into audacious_frontend and audacious_core as in the compose file. Obtain certs with certbot (standalone or DNS challenge) for the hostnames you use.

Project layout

audacious_dns/
├── docker-compose.yaml      # API, core, frontend
├── audacious_api/           # FastAPI app, SQLite, domain/client/blocklist logic
├── audacious_core/          # dnsdist + PowerDNS Recursor config
└── audacious_frontend/      # Nginx configs (templates), static SPA, custom site volume

Contact

Gaël Soudé — superjcvd@hotmail.com

About

DNS Filtering made easy

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages