Set up your own DNS over TLS

So I have gone a little crazy lately in my home lab. I have created an anycast address in the LAN of that goes to the nearest pihole. (Local, Datacenter 1 or Datacenter 2) While that was nice, I still wanted a way to have pihole while on the go. I thought about a VPN; that works but is not perfect for what I want. A little more pondering and I found that Android 9 supports “Private DNS”. Turns out that it is simply DNS over TLS (DoT). That just makes this so much easier now.

How does one make a DoT server then? Again, the answer is really simple: stunnel4 is all you need. A quick bit of googling will get you to this page, which will walk through a more in-depth setup of stunnel4. Boiled down, and assuming you have an SSL cert handy/installed on the system:

# yum install stunnel4

# cat /etc/stunnel/dnstls.conf
cert = /etc/letsencrypt/live/
key = /etc/letsencrypt/live/

accept = 853
connect =

# systemctl enable stunnel4
# systemctl start stunnel4

After that, it was a matter of punching a hole in the firewall to allow 853 in to the server running the stunnel4 daemon. Once that was up, I added a DNS record for to the IP where the firewall hole was punched. Finally, in my Android Settings -> Network & Internet -> Advanced -> Private DNS, I set that to “Private DNS provider hostname” and put the mentioned hostname in the text field. Bam, now anywhere I go my phone is covered by one of my piholes.

Now to look into providing DNS over HTTPS (DoH) the same way…

Disable Add App Icon To Home Screen

The newer version of the Play Store on Android phones moved the check box from what I would call an ideal location to one that, while it makes sense, is the last place I would check.

For my personal note and anyone that finds this:

Home screen, press hold
Scroll to bottom, toggle 'Add icon to Home screen'

Nexus 6P: Turn on WiFi Automatically

I use a Nexus 6P as my day-to-day driver despite my phone having the early shutdown bug with the battery. (Currently working on getting an RMA; come on Google, I am at 4wks now waiting for outbound shipment.) I stumbled upon something that I just wanted to bookmark for use just in case I ever needed to find this again. Instead of a regular bookmark, I figured it would be better if I made a public posting and linked the original article.

adb shell
settings put global wifi_wakeup_available 1
settings put global wifi_wakeup_enabled 1