# WARNING: Use this configuration for testing only! [server] # What port to listen on and where request are supposed to come from listen_on = "127.0.0.1:3000" # What header your reverse proxy sets that contains the real ip-address # Possible Values: Every Variation of SecureClientIpSource in the axum_client_ip package # https://docs.rs/axum-client-ip/latest/axum_client_ip/enum.SecureClientIpSource.html #ip_header = "RightmostXForwardedFor" # When you don't want to use a proxy server: ip_header = "ConnectInfo" # Allow querying of private range ips # enable if you want to use this service # on your internal network for some reason allow_private_ip_lookup = true [dns] # Enable the /dig enpoint allow_forward_lookup = true # Enable reverse lookup, make sure to configure the hidden_suffixes # to contain your locally used domains, to prevent onformation leakage allow_reverse_lookup = true # echoip-sltecave will pretend that domains # that end with one of these suffixes don't exist hidden_suffixes = [".com"] # doesn't really work 🙁 search = ["org","net"] [geoip] # Path to geoip databses # Currently only the mmdb format is supported # Official databases can be obtained from maxmind.com asn_database = "mmdb/GeoLite2-ASN.mmdb" location_database = "mmdb/GeoLite2-City.mmdb" # If anyone knows a free (as in freedom) geoip database # please open an issue so I can integrate it # https://codeberg.org/slatian/service.echoip-slatecave [template] # Path to the template directory, can contain glob patterns template_location = "templates" # Prefixes of user agents that should get a text reponse by default text_user_agents = ["curl/"] [ratelimit] # Configure a Quota for the Rate limiter # Please note that this depends on the ip_header being # configured correctly! # How many requests per minute are allowed # (How fast the leaky bucket drains) per_minute = 20 # How many requests may come in at once # (How much capacity the leaky bucket has) burst = 15 #Note: The ratelimit is implemented using the governor crate [dns.resolver.digitalcourage] display_name = "Digitalcourage" info_url = "https://digitalcourage.de/support/zensurfreier-dns-server" aliases = ["dc","dc3","digitalcourage3"] weight = 990 servers = ["5.9.164.112:853","[2a01:4f8:251:554::2]:853"] protocol = "tls" tls_dns_name = "dns3.digitalcourage.de" [dns.resolver.quad9] display_name = "Quad9" info_url = "https://www.quad9.net/service/service-addresses-and-features/" aliases = ["q9","9999"] weight = 980 servers = ["9.9.9.9:853", "149.112.112.112:853", "[2620:fe::fe]:853", "[2620:fe::9]:853"] protocol = "tls" tls_dns_name = "dns.quad9.net" [dns.resolver.quad9_ecs] display_name = "Quad9 with ecs" info_url = "https://www.quad9.net/service/service-addresses-and-features/" aliases = ["q9ecs","9999ecs","ecs"] weight = 970 servers = ["9.9.9.11:853", "149.112.112.11:853", "[2620:fe::fe:11]:853", "[2620:fe::11]:853"] protocol = "tls" tls_dns_name = "dns11.quad9.net" [dns.resolver.quad9_unvalidated] display_name = "Quad9 unvalidated" info_url = "https://www.quad9.net/service/service-addresses-and-features/" aliases = ["q9u","9999u"] weight = 960 servers = ["9.9.9.10:853", "149.112.112.10:853", "[2620:fe::fe:10]:853", "[2620:fe::10]:853"] protocol = "tls" tls_dns_name = "dns10.quad9.net" [dns.resolver.cloudflare] display_name = "Cloudflare" info_url = "https://www.cloudflare.com/dns/" aliases = ["cf","1111"] weight = 450 servers = ["1.1.1.1:853", "1.0.0.1:853", "[2606:4700:4700::1111]:853", "[2606:4700:4700::1001]:853"] protocol = "tls" tls_dns_name = "cloudflare-dns.com" [dns.resolver.google] display_name = "Google" info_url = "https://www.cloudflare.com/dns/" aliases = ["goo","8888"] weight = 440 servers = ["8.8.8.8:53", "8.4.4.8:53", "[2001:4860:4860::8888]:53", "[2001:4860:4860::8844]:53"] protocol = "udp"