Building a private DOH server with Pi-hole and DNS-Crypt

There are good reasons to have your own private secure DNS server, with the Pi-hole ad-blocker. If you want to set up a private server on your home’s network, you can have a read on why it’s a good idea, and how to do it, via https://scotthelme.co.uk/securing-dns…. I didn’t want to have a box running on my home’s LAN, so I wanted a way to set up a DNS server on the Net that was accessible when I was at home or out and about. This only works well if you can get to the server securely, and that’s where the DNS over HTTPS protocol comes in. Here’s a guide on setting a DOH+Pi-hole server up at the rent-a-host Digital Ocean:

1. DOH server on Digital Ocean with Pi-hole

2. Setting up MacOS client to use the DOH server

3. Setting up iOS client to use the DOH server

1. DOH server on Digital Ocean

I used this guide to set up a DOH server: https://www.bentasker.co.uk/…dns-over-https-server; I followed all the steps with these exceptions:

  • Stopped at the Adblock setup stage. Didn’t need this as I was going to use Pi-hole
  • Skipped the firewall rules as I’m going to use the Firewall at Digital Ocean
  • The instructions are a little fuzzy on setting up administration access to Pi-hole. You’ll need to get a LetsEncrypt https certificate for the Pi-hole admin virtual server.

2. Setting up MacOS client to use the DOH server

Follow the instructions at https://github.com/DNSCrypt/…macOS to install a DNS-Crypt proxy that talks to the DOH server we set up at DO. I’ve configured it to use only the DOH server set up in step 1, and not to use any of the publicly available DOH servers.

Also install a little utility called dnscrypt-proxy-switcher that sits in the menu bar and allows you to switch between different DNS settings.
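dnscrypt-proxy identifies a resolver by a DNS stamp (`sdns://…`), so restricting the proxy to the private server as described above means putting that server's stamp in a `[static]` entry and naming it in `server_names`. The following is an added example, not part of the original post or the linked guides: it builds a DoH stamp and the matching config fragment, and the hostname `doh.example.com`, the path `/dns-query` and the entry name `my-doh` are placeholder assumptions.

```python
import base64
import struct

# Informal property flags from the DNS Stamps format (64-bit little-endian field).
DNSSEC, NO_LOGS, NO_FILTER = 1, 2, 4

def lp(data):
    """Length-prefixed field: one length byte followed by the data."""
    if len(data) > 0xFF:
        raise ValueError("field too long for a DNS stamp")
    return bytes([len(data)]) + data

def vlp(items):
    """Set of fields; the high bit of a length byte means another item follows."""
    if not items:
        return b"\x00"  # an empty set is a single zero length byte
    out = b""
    for i, item in enumerate(items):
        if len(item) > 0x7F:
            raise ValueError("set item too long for a DNS stamp")
        more = 0x80 if i < len(items) - 1 else 0
        out += bytes([more | len(item)]) + item
    return out

def build_doh_stamp(hostname, path="/dns-query", addr="", props=0, cert_hashes=()):
    """Return the sdns:// stamp for a DoH server (protocol identifier 0x02)."""
    raw = (b"\x02" + struct.pack("<Q", props)
           + lp(addr.encode())        # optional IP; empty means resolve the hostname
           + vlp(list(cert_hashes))   # optional certificate hashes (SHA-256)
           + lp(hostname.encode())
           + lp(path.encode()))
    return "sdns://" + base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def static_server_config(name, stamp):
    """dnscrypt-proxy.toml fragment that uses only the named static server."""
    return f"server_names = ['{name}']\n\n[static.'{name}']\nstamp = '{stamp}'\n"

if __name__ == "__main__":
    # Placeholder values (assumptions): substitute the server from step 1.
    # NO_FILTER is deliberately left unset because Pi-hole filters answers.
    stamp = build_doh_stamp("doh.example.com", "/dns-query")
    print(static_server_config("my-doh", stamp))
```

In the real `dnscrypt-proxy.toml`, `server_names` belongs in the global section at the top of the file and the `[static]` entry near the end.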

3. Setting up iOS client to use the DOH server

Install DNSCloak • Secure DNS client on iPhone and iPad. Then add your DOH server from step 1.

Fixing Using Apple Watch to Unlock Mac problems

Since 2013, compatible Macs can be conveniently unlocked with an Apple Watch. However, this feature sometimes suddenly stops working. There are web pages that have solutions, but these do no more than reprint Apple’s support pages.

When my watch stopped unlocking, I was unable to reactivate it. The Mac displayed an “unable to communicate with watch” error. The typical answer is to toggle Handoff, but I found that I fixed this by simply unchecking “Require Password…”. This then allowed me to activate “Allow watch to unlock” again.

Australian Grand Prix 2019

Selected photos from the GP. More photos here.

USB Transfer to iPads and iPhones from Nikon Z6/Z7 and Canon EOS-R/RP cameras

This should simplify photo backup and quick editing without the need for a laptop when travelling. Just two cables and a Lightning to USB 3 adapter will allow you to transfer JPEG and RAW to an iPad or iPhone. The 3rd generation iPad Pro uses a USB-C connector, so a dual ended USB-C cable like this one or this one is all you need. For iPhones and iPads other than the 3rd Gen, the Apple Lightning to USB 3 Camera Adapter is needed, plus a Super Speed 3.1 USB-A to USB-C cable to get the fastest transfer speed from cameras. If you use a USB-A to USB-C charging cable, transfers will only occur at USB 2.0 speeds, which is woefully slow. I’ve also found that the USB-C female to Lightning adapters that you can find on eBay don’t work for data transfers, requiring the Apple Camera Adapter and a USB-A cable.

These cables and adapter will work for both the Nikon Z6/Z7 and the Canon EOS-R/RP Mirrorless cameras as they both have USB-C connectors.

Use a small catalog to speed up import – Adobe Lightroom

Here’s a tip for my Lightroom friends. Was frustrated that my imports were taking too long – over 20 seconds to import a small number of images.
Decided to test it with an empty catalog and, unsurprisingly, the import was nearly instant. So my workflow is now to use a new catalog during an event and then import that into an archive catalog afterwards.