. Skip to main content

DNS-over-HTTPS in the Pi-hole

1 min read

On the Raspberry pi install the dnss package

apt install dnss

Edit the settings to make it listsn on port 5053, normally it listens on 53

vi /etc/systemd/system/sockets.target.wants/dnss.socket

# Sockets for dnss.
#
# This lets dnss run unprivileged.
# We typically want one UDP and one TCP socket.

[Socket]
ListenDatagram=5053
ListenStream=5053

[Install]
WantedBy=sockets.target

And restart the service, because the pi-hole is running starting probably failed right after installation, port 53 is in use

systemctl restart dnss.socket

In the Pi-hole admin web interface under settings find the tab DNS and adjust the upstream DNS Server to the dnss installation

Pi-Hole - Upstream DNS Servers

And we're good to go. dnss uses by default dns.google.com.