- 
                Notifications
    You must be signed in to change notification settings 
- Fork 1.1k
Manually updating your DNSCrypt server
        Frank Denis edited this page Sep 24, 2019 
        ·
        7 revisions
      
    This guide assumes you're using the jedisct1/dnscrypt-server docker image to run the server.
If you prefer to automate this you can use v2tec/watchtower.
- Back up the keys if you haven't already done so:
docker cp dnscrypt-server:/opt/dnscrypt-wrapper/etc/keys ~
# We don't need the short-term keys
rm -rf ~/keys/short-term- Pull the new images:
docker pull jedisct1/dnscrypt-server- Stop the current dnscrypt-server container (and make sure to switch from this server in dnscrypt-proxy if you're using it):
docker stop dnscrypt-server
# Check that it's not running
docker ps- Run a new dnscrypt-server container (called dnscrypt-server-new):
export SERVER="$(cat ~/keys/provider_name | cut -d. -f3-)"
export SERVER_IP="<replace with your external server IP address without the port>"
docker run --ulimit nofile=90000:90000 --name=dnscrypt-server-new -p 443:443/udp -p 443:443/tcp --net=host jedisct1/dnscrypt-server init -N $SERVER -E $SERVER_IP:443
docker update --restart=unless-stopped dnscrypt-server-new- Restore the keys to the new container (first deleting the short-term keys):
docker start dnscrypt-server-new
docker exec dnscrypt-server-new rm -rf /opt/dnscrypt-wrapper/etc/keys/short-term
docker cp ~/keys/. dnscrypt-server-new:/opt/dnscrypt-wrapper/etc/keys
docker restart dnscrypt-server-new- Now check that it's working:
docker ps 
docker logs dnscrypt-server-new- After testing that it's working properly you can remove the old container, images and volume, and then rename the new one:
# This command will ask for confirmation
docker system prune -a --volumes
# Check that dnscrypt-server-new is the only container
docker ps -a
docker rename dnscrypt-server-new dnscrypt-server- Home
- Installation
- Configuration
- Checking that your DNS traffic is encrypted
- Automatic Updates
- Server sources
- Combining blocklists
- Public Blocklist and other configuration files
- Building from source
- Run your own DNSCrypt server in under 10 minutes
- DNS stamps specifications
- Windows Tips
- dnscrypt-proxy in the media
- Planned Features