Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rewrite DNS + Redirect (Google -> Esocia; Youtube -> Plex, etc) #1372

Open
prologic opened this issue Jan 26, 2020 · 5 comments
Open

Rewrite DNS + Redirect (Google -> Esocia; Youtube -> Plex, etc) #1372

prologic opened this issue Jan 26, 2020 · 5 comments

Comments

@prologic
Copy link

@prologic prologic commented Jan 26, 2020

Please read carefully as I may not have titled this issue as succinctly as I'd like :)

Prerequisites

  • I am running the latest version
  • I checked the documentation and found no answer
  • I checked to make sure that this issue has not already been filed

Problem Description

The problem I want to solve here is quite simple:

Let's say I want to be a little facist and try out a new search engine (e.g: Ecosia) and rather than make all users in my network (home) have to reconfigure their browsers, add extensions and what not (too hard / too much effort); I instead rewrite all DNS queries for other search engines to a simple service that then also redirects to where I want to go.

This isn't necessarily just about search engines however; this is more or less a general purpose feature where you could rewrite + redirect quite a lot of useful things to other services or even internal ones.

Proposed Solution

We already have Rewrite support in the UI. It supports today very simple:

  • domain -> domain
  • domain -> ip address

We need to add support for CNAME(s) and wildcard(s) too.

Have a look at this project (which I tend to play with): https://github.com/Eraac/dns-redirect

I'm going to see how far I get with reconfiguring my ADH setup alongside this dns-redirect service and wee how that pans out.

Having a rewrite + redirect feature builtin to ADH would be pretty amazing though and if you did it in such a way that it were also simple to use from a UI (you guys are pretty amazing at doing this!) even better!

As a bonus -- Adding simple simple "builtin" rewrite+redirect(s) would also be amazing for example:

  • Google -> DDG
  • Twitter -> micro.blog
  • YouTube -> plex.mydomain.tld
  • I'm sure we can come up with other crazy examples!)

Alternatives Considered

I think I pretty much outlined the alternative :) -- A hacky setup with ADH + dns-rewrite -- There are probably tonnes of other ways to do this too but I'm a pretty big fan of simple, portable software solutions that solve a problem -- Not hard to use / hard to learn tech that no-one but rocket scientists understand 🤣

Additional Information

Nope :D Good NEW Feature to go along with a new major release :)

@prologic

This comment has been minimized.

Copy link
Author

@prologic prologic commented Jan 26, 2020

I checked to make sure that this issue has not already been filed

There are some similar-ish issues but they are very specific; this is a more general "Feature Request" that will not be all that trivial to solve / add to 😃

@prologic prologic changed the title Rewrite DNS + Redirect Rewrite DNS + Redirect (Google -> Esocia; Youtube -> Plex, etc) Jan 26, 2020
@ameshkov

This comment has been minimized.

Copy link
Member

@ameshkov ameshkov commented Jan 26, 2020

We need to add support for CNAME(s) and wildcard(s) too.

Hm, but it does support CNAME and wildcards already.

You can do something like this for instance:

  • example.org -> example.com
  • *.exampe.org -> example.com

The problem is that this won't be enough. If you do www.google.com -> ecosia.org, your browser won't allow the connection because it won't be able to verify the HTTPS certificate. It will be expecting a certificate for google, but it will get a cert for a different domain.

@prologic

This comment has been minimized.

Copy link
Author

@prologic prologic commented Jan 26, 2020

Hm, but it does support CNAME and wildcards already.

You can do something like this for instance:

  • example.org -> example.com
  • *.exampe.org -> example.com

On so that works in the Rewrite UI?
It wasn't obvious to me at first sorry :)

@prologic

This comment has been minimized.

Copy link
Author

@prologic prologic commented Jan 26, 2020

The problem is that this won't be enough. If you do www.google.com -> ecosia.org, your browser won't allow the connection because it won't be able to verify the HTTPS certificate. It will be expecting a certificate for google, but it will get a cert for a different domain.

Yes I know :D You need to rewrite the domains to the address of ADH itself. ADH then needs to process those requests and redirect.

@ameshkov

This comment has been minimized.

Copy link
Member

@ameshkov ameshkov commented Jan 27, 2020

Yes I know :D You need to rewrite the domains to the address of ADH itself. ADH then needs to process those requests and redirect.

Yeah, and there are a number of additional issues with that:

  1. We'll need to generate a certificate for the domain on-the-fly
  2. You need to install root CA to every device so that they trusted our cert

On the other hand, when we have a MITM proxy as a part of AGH, we could implement all this without using the DNS at all, just by using a regular HTTP redirect.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
You can’t perform that action at this time.