A few months ago I went on a quest for a DNS server and was dissatisfied with current maintained projects. They were either good at adblocking (Blocky, grimd…) or good at specifying custom DNS (CoreDNS…).

So I forked grimd and embarked on rewriting a good chunk of it for it to address my needs - the result is leng.

  • it is fast
  • it is small
  • it is easy
  • you can specify blocklists and it will fetch them for you
  • you can specify custom DNS records with proper zone file syntax (SRV records, etc)
  • it supports DNS-over-HTTPS so you can stay private
  • it is well-documented
  • can be deployed on systemd, docker, or Nix

I have been running it as my nameserver in a Nomad cluster since! I plan to keep maintaining and improving it, so feel free to give it a try if it also fulfils your needs.

    • nico@r.dcotta.eu (OP) · 5 upvotes · 1 year ago

      I am working on adding a feature comparison to the docs. But in the meantime: leng has fewer features (like no web UI, no DHCP server) which means it is lighter (50MB RAM vs 150MB for adguard, 512MB for pihole), and easier to reproducibly configure because it is stateless (no web UI settings).

      I believe blocky and coredns are better comparisons for leng than “tries to achieve it all” solutions like adguard, pihole…

    • pimeys@lemmy.nauk.io · 2 upvotes · 1 year ago

      You can script this with nix quite easily without needing a UI. For many this is a big plus.

  • Decronym@lemmy.decronym.xyz (bot) · 12 upvotes, 1 downvote · edited · 1 year ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters   More Letters
    DNS             Domain Name Service/System
    IP              Internet Protocol
    LXC             Linux Containers
    PiHole          Network-wide ad-blocker (DNS sinkhole)
    VPN             Virtual Private Network

    [Thread #282 for this sub, first seen 15th Nov 2023, 10:25]

    • nico@r.dcotta.eu (OP) · 9 upvotes, 6 downvotes · 1 year ago

      Yes (much simpler) and also allows you to specify custom DNS, which is very useful for more advanced self-hosted deployments - this is something PiHole is just not built to address

      • ShunkW@lemmy.world · 31 upvotes, 1 downvote · 1 year ago

        How is PiHole not built for custom DNS? It literally has an entire management page for that.

        • chiisana@lemmy.chiisana.net · 9 upvotes · 1 year ago

          Last I used PiHole many years back, it was possible to use it as DHCP but not possible to add custom DNS records like TXT, SRV, etc. Perhaps that’s what OP is trying to solve for?

            • nico@r.dcotta.eu (OP) · 1 upvote · 1 year ago

              Including SRV records? I found that some servers (blocky as well) only support very basic CNAME or A records, without being able to specify parameters like TTL, etc.

              I also appreciate being able to define this in a file rather than a web UI

              • AndyM@feddit.de · 11 upvotes · 1 year ago

                It’s based on dnsmasq. You could always specify custom records, even before there was an option in the web interface. Just create a config file in /etc/dnsmasq.d

                Just look up these options: host-record, cname, srv-host

                • nico@r.dcotta.eu (OP) · 4 upvotes · 1 year ago

                  Thanks! I didn’t know you could do that. I’ll see how it compares to my current solution

              • Eideen@lemmy.world · 5 upvotes · 1 year ago

                I do it via dnsmasq, which Pi uses.

                I have an Ansible playbook that I use to sync my Piholes.

              • ChickenBoo@lemmy.jnks.xyz · 2 upvotes · 1 year ago

                You can do the basic records via file. /etc/pihole/custom.list is a hosts-formatted file for records so you don’t have to use a GUI.

        • nico@r.dcotta.eu (OP) · 3 upvotes · 1 year ago

          Like chiisana@lemmy.chiisana.net said - I want to be able to add my own records (SRV, A, CNAME…) so that I can point to the services hosted in my VPN. CoreDNS is good for this but it doesn’t also do adblocking. If PiHole can do this, I don’t know how.

          I also don’t need a web UI, DHCP server, and so on: I just want a config file and some prometheus metrics

          • jherazob@kbin.social · 2 upvotes · 1 year ago

            Tangential partial offtopic aside: Unless I’m misunderstanding, you’re setting this up behind your home router and allowing it on your various devices using a VPN. Am I right? Any details, or even better, guides, on how to replicate this setup? I guess the DNS records on Leng are to be able to call services inside your home LAN by name instead of IPs, which is a nice quality of life upgrade.

            • nico@r.dcotta.eu (OP) · 1 upvote · 1 year ago

              What you described is correct! How to replicate this will depend heavily on your setup.

              In my specific scenario, I make the containers of all my apps use leng as my DNS server. If you use plain docker see here, if you use docker compose you can do:

              version: "2"
              services:
                application:
                  dns: [10.10.0.0] # address of leng server here!
              

              Personally, I use Nomad, so I specify that in the job file of each service.

              Then I use wireguard as my VPN and (in my personal devices) I set the DNS field to the address of the leng server. If you would like more details I can document this approach better in leng’s docs :). But like I said, the best way to do this won’t be the same if you don’t use docker or wireguard.

              If you are interested in Nomad and calling services by name instead of IP, you can see this tangentially related blog post of mine as well

  • SidewaysHighways@lemmy.world · 6 upvotes · 1 year ago

    Damn! In a previous comment somewhere else I had just recently shared my despair at how I hadn’t found an easy to follow self hosted DNS server.

    I appreciate this immensely and hope to enjoy it once I figure out how to install!

    Keep up any and all good work you feel passionate enough about to crank out helpful things in physical reality.

    • nico@r.dcotta.eu (OP) · 2 upvotes · 1 year ago

      If it’s helpful to you it’s helpful in reality!

      If you are having trouble installing or the documentation is not clear, feel free to point it out here or in the issues on github. Personally I think it is simplest to use docker :)

  • Adam@doomscroll.n8e.dev · 4 upvotes · edited · 1 year ago

    Reads nice but your docs are 404’ing so I can’t investigate much :D

    EDIT. Found it. You’ve got a ‘.com’ instead of a ‘.io’.

  • Chewy@discuss.tchncs.de · 2 upvotes · 1 year ago

    This is awesome. I’ve been looking into DNS servers with ad blocking and this seems to be a perfect fit. And it is packaged for Nix, so I’ll definitely give it a go.

    • nico@r.dcotta.eu (OP) · 1 upvote · 1 year ago

      If you mean CNAME flattening I have an issue for it. If you mean recursively resolving CNAME until the end record is found, it does support it.

      For example, if you set a custom record mygoogle.lol IN CNAME google.com Leng will return a response with an A record with a google.com IP address when you visit mygoogle.lol
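
The CNAME behaviour described in the last reply, as an added example that is not from the thread or from leng's code base: it parses zone-file-style custom records and follows CNAMEs to an A record, with a hop limit so that a misconfigured pair of records pointing at each other cannot keep a lookup spinning. The record data, the hop limit of 8 and all function names are assumptions; 192.0.2.10 is a documentation address standing in for the answer an upstream resolver would give for google.com.

```python
# Constructed records; the last two form a deliberate CNAME loop.
SAMPLE_ZONE = """\
mygoogle.lol  IN CNAME google.com
google.com    IN A     192.0.2.10   ; placeholder for the upstream answer
a.loop.test   IN CNAME b.loop.test  ; misconfigured pair
b.loop.test   IN CNAME a.loop.test
"""


class ChainTooLong(Exception):
    """Raised when a CNAME chain exceeds the hop limit (for example, a loop)."""


def canon(name):
    # DNS names are case-insensitive and may carry a trailing root dot.
    return name.rstrip(".").lower()


def parse_zone(text):
    """Parse 'name IN A|CNAME value' lines; ';' starts a comment."""
    zone = {"A": {}, "CNAME": {}}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) != 4 or fields[1].upper() != "IN":
            continue  # subset only: no TTL column, no other classes
        name, _, rtype, value = fields
        if rtype.upper() == "A":
            zone["A"].setdefault(canon(name), []).append(value)
        elif rtype.upper() == "CNAME":
            zone["CNAME"][canon(name)] = canon(value)
    return zone


def resolve_a(zone, name, max_hops=8):
    """Follow CNAMEs to A records; return (names visited, addresses)."""
    name = canon(name)
    chain = [name]
    for _ in range(max_hops + 1):
        if name in zone["A"]:
            return chain, zone["A"][name]
        if name not in zone["CNAME"]:
            return chain, []  # not in the custom records
        name = zone["CNAME"][name]
        chain.append(name)
    raise ChainTooLong(" -> ".join(chain))


if __name__ == "__main__":
    print(resolve_a(parse_zone(SAMPLE_ZONE), "mygoogle.lol"))
```
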