Cloudflare Worker: What to configure in Rethink Firewall app?

[DarthSonic]

I successfully deployed Rethink DNS to Cloudflare using domain secur.mydomain.de (example). Now I installed the Rethink DNS + Firewall app and I am trying to figure out the value I had to add as custom DNS reolver to the app to use my worker instead of Rethink server or another resolver?

What I tried is:
https://secure.mydomain.de/[configration-token]
https://secure.mydomain.de/[configration-token]/dns-query
https://secure.mydomain.de/[configration-token]/dns-query/resolve

Also tried the DoT Url:
[configration-token].mydomain.de

None of these worked.

[ignoramous]

https://secure.mydomain.de/[configration-token]

Should work, provided configuration-token is base64 or base32 with 1: or 1- in the front. Drop the 443, though, as that's the default, anyway.

• base32: https://secure.mydomain.de/1-6dpqcoaa4d7qh7777t7qeagaf4pwagebaeagaka
• base64: https://secure.mydomain.de/1:8N8BOADg_wP___z_AgDALx9gGIEBAGAo

[configration-token].secure.darth-sonic.de

...should work, provided configuration-token is base32.

• base32: 1-6dpqcoaa4d7qh7777t7qeagaf4pwagebaeagaka.secure.mydomain.de

You can reveal your configuration token, as that's not really encoding any auth information. If anything the server-name is what you should guard until unless we impl #79 (soon!)

[DarthSonic]

Okay. Found the problem. I followed these advices, but did not know what exact value to add:

• under Environment Variables click on Edit variables
• if your new DOH resolver url is example.dns.resolver.com/dns-query/resolve
• change below variables and click on save button CF_DNS_RESOLVER_URL = example.dns.resolver.com/dns-query/resolve

Tried https://secure.mydomain.de/%5Bconfigration-token%5D/dns-query/resolve but that obviously did not work. Can you help?

[ignoramous]

CF_DNS_RESOLVER_URL should point to a valid upstream DoH resolver, like https://cloudflare-dns.com/dns-query or https://dns.nextdns.io/dns-query or https://dns.adguard.com/dns-query etc.