one-click script to modify dnsmasq to use cloudflared-proxy-dns

cloudflared-dnsmasq-install.sh

# download cloudflared
wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-arm.tgz
tar -xvf cloudflared-stable-linux-arm.tgz
sudo mv cloudflared /usr/local/bin/cloudflared

# install cloudflared-proxy-dns systemd service
sudo tee /etc/systemd/system/cloudflared-proxy-dns.service >/dev/null <<EOF
[Unit]
Description=DNS over HTTPS (DoH) proxy client
Wants=network-online.target nss-lookup.target
Before=nss-lookup.target

[Service]
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
DynamicUser=yes
ExecStart=/usr/local/bin/cloudflared proxy-dns --port 5300

[Install]
WantedBy=multi-user.target
EOF

# start and enable cloudflared-proxy-dns
sudo systemctl enable cloudflared-proxy-dns
sudo systemctl start cloudflared-proxy-dns

# check how fucked up your network is
echo "Before Cloudflared: $(dig +short A xvideos.com | xargs | awk '{print $1}')"
echo "Afters Cloudflared: $(dig +short A -p5300 xvideos.com | xargs | awk '{print $1}')"

# overwrite resolv.conf 
# lock resolv.conf attr
sudo rm -f /etc/resolv.conf
echo nameserver 127.0.0.1 | sudo tee /etc/resolv.conf >/dev/null
sudo chattr +i /etc/resolv.conf

# stop & update dnsmasq conf
sudo systemctl stop dnsmasq
sudo echo '''interface=wlan0
dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h
domain=wlan
address=/gw.wlan/192.168.4.1
server=127.0.0.1#5300''' > /etc/dnsmasq.conf >/dev/null

# start and enable dnsmasq conf
sudo systemctl start dnsmasq
echo "Afters Modification: $(dig +short A -p5300 xvideos.com | xargs | awk '{print $1}')"