From 540f6e3043e3443863444012ba0bb5f80079dd9c Mon Sep 17 00:00:00 2001
From: Bradley G Smith <bradley.g.smith@gmail.com>
Date: Fri, 3 Apr 2020 07:48:09 -0700
Subject: [PATCH 1/2] Added pi-hole as potential dnssec validator

---
 Readme.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Readme.md b/Readme.md
index 92562b4..5349f12 100644
--- a/Readme.md
+++ b/Readme.md
@@ -303,7 +303,7 @@ services:
 DNS-over-HTTPS is compatible with DNSSEC, and requests DNSSEC signatures by
 default. However signature validation is not built-in. It is highly recommended
 that you install `unbound` or `bind` and pass results for them to validate DNS
-records.
+records. An instance of [Pi Hole](https://pi-hole.net) could also be used to validate DNS signatures as well as provide other capabilities.
 
 ## EDNS0-Client-Subnet (GeoDNS)
 

From a84b65dd5617c154f92ea2b9494ac599f57b1493 Mon Sep 17 00:00:00 2001
From: Bradley G Smith <bradley.g.smith@gmail.com>
Date: Fri, 3 Apr 2020 10:58:57 -0700
Subject: [PATCH 2/2] expose container to port 53/upd

---
 Dockerfile.client | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Dockerfile.client b/Dockerfile.client
index 08acf63..3754afc 100644
--- a/Dockerfile.client
+++ b/Dockerfile.client
@@ -15,7 +15,8 @@ ADD doh-client/doh-client.conf /doh-client.conf
 RUN sed -i '$!N;s/"127.0.0.1:53",.*"127.0.0.1:5380",/":53",/;P;D' /doh-client.conf
 RUN sed -i '$!N;s/"\[::1\]:53",.*"\[::1\]:5380",/":5380",/;P;D' /doh-client.conf
 
-EXPOSE 53
+EXPOSE 53/udp
+EXPOSE 53/tcp
 EXPOSE 5380
 
 ENTRYPOINT ["/doh-client"]