1 files changed, 57 insertions, 3 deletions
diff --git a/community/dnscrypt-proxy/config-full-paths.patch b/community/dnscrypt-proxy/config-full-paths.patch
index 0e41f62a29..d237952594 100644
--- a/community/dnscrypt-proxy/config-full-paths.patch
+++ b/community/dnscrypt-proxy/config-full-paths.patch
@@ -3,7 +3,7 @@ new file mode 100644
 index 0000000..8455f8d
 --- /dev/null
 +++ b/dnscrypt-proxy/dnscrypt-proxy.toml
-@@ -0,0 +1,556 @@
+@@ -0,0 +1,610 @@
 +
 +##############################################
 +#                                            #
@@ -106,9 +106,12 @@ index 0000000..8455f8d
 +# http_proxy = 'http://127.0.0.1:8888'
 +
 +
-+## How long a DNS query will wait for a response, in milliseconds
++## How long a DNS query will wait for a response, in milliseconds.
++## If you have a network with *a lot* of latency, you may need to
++## increase this. Startup may be slower if you do so.
++## Don't increase it too much. 10000 is the highest reasonable value.
 +
-+timeout = 2500
++timeout = 5000
 +
 +
 +## Keepalive for HTTP (HTTPS, HTTP/2) queries, in seconds
@@ -269,6 +272,12 @@ index 0000000..8455f8d
 +block_ipv6 = false
 +
 +
++## TTL for synthetic responses sent when a request has been blocked (due to
++## IPv6 or blacklists).
++
++reject_ttl = 600
++
++
 +
 +##################################################################################
 +#        Route queries for specific domains to a dedicated set of servers        #
@@ -296,6 +305,9 @@ index 0000000..8455f8d
 +
 +# cloaking_rules = '/etc/dnscrypt-proxy/cloaking-rules.txt'
 +
++## TTL used when serving entries in cloaking-rules.txt
++
++# cloak_ttl = 600
 +
 +
 +###########################
@@ -535,6 +547,15 @@ index 0000000..8455f8d
 +  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
 +  prefix = ''
 +
++  ## Anonymized DNS relays
++
++  [sources.'relays']
++  urls = ['https://github.com/DNSCrypt/dnscrypt-resolvers/raw/master/v2/relays.md', 'https://download.dnscrypt.info/resolvers-list/v2/relays.md']
++  cache_file = 'relays.md'
++  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
++  refresh_delay = 72
++  prefix = ''
++
 +  ## Quad9 over DNSCrypt - https://quad9.net/
 +
 +  # [sources.quad9-resolvers]
@@ -552,6 +573,39 @@ index 0000000..8455f8d
 +  #  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
 +
 +
++################################
++#        Anonymized DNS        #
++################################
++
++[anonymized_dns]
++
++## Routes are indirect ways to reach DNSCrypt servers.
++##
++## A route maps a server name ("server_name") to one or more relays that will be
++## used to connect to that server.
++##
++## A relay can be specified as a DNS Stamp (either a relay stamp, or a
++## DNSCrypt stamp), an IP:port, a hostname:port, or a server name.
++##
++## The following example routes "example-server-1" via `anon-example-1` or `anon-example-2``,
++## and "example-server-2" via the relay whose relay DNS stamp
++## is "sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM".
++##
++## !!! THESE ARE JUST EXAMPLES !!!
++##
++## Review the list of available relays from the "relays.md` file, and, for each
++## server you want to use, define the relays you want connections to go through.
++##
++## Carefully choose relays and servers so that the are run by different entities.
++##
++## "server_name" can also be set to "*" to define a default route, but this is not
++## recommended. if you do so, keep "server_names" short and distinct from relays.
++
++# routes = [
++#    { server_name='example-server-1', via=['anon-example-1', 'anon-example-2'] },
++#    { server_name='example-server-2', via=['sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM'] }
++# ]
++
 +
 +## Optional, local, static list of additional servers
 +## Mostly useful for testing your own servers.