GordonNet.ie - howtos

Installation
`wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-amd64.deb`
`sudo apt-get install ./cloudflared-stable-linux-amd64.deb`
`cloudflared -v`

Configuration
`sudo useradd -s /usr/sbin/nologin -r -M cloudflared`
`sudo nano /etc/default/cloudflared`

`# Commandline args for cloudflared`
`CLOUDFLARED_OPTS=--port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query`

Update the permissions for the configuration file and cloudflared binary to allow access for the cloudflared user:
`sudo chown cloudflared:cloudflared /etc/default/cloudflared`
`sudo chown cloudflared:cloudflared /usr/local/bin/cloudflared`

Create cloudflared.service.
`sudo nano /etc/systemd/system/cloudflared.service`
`[Unit] Description=cloudflared DNS over HTTPS proxy After=syslog.target network-online.target [Service] Type=simple User=cloudflared EnvironmentFile=/etc/default/cloudflared ExecStart=/usr/local/bin/cloudflared proxy-dns $CLOUDFLARED_OPTS Restart=on-failure RestartSec=10 KillMode=process [Install] WantedBy=multi-user.target`
Enable the systemd service to run on startup, then start the service and check its status:
`sudo systemctl enable cloudflared`
`sudo systemctl start cloudflared`
`sudo systemctl status cloudflared`

Now test that it is working! Run the following dig command, a response should be returned similar to the one below:
`dig @127.0.0.1 -p 5053 google.com`