I've signed up for Cloudflare Gateway, set up my policies and received my unique ID to use as the subdomain of the DNS over HTTPS hostname.
On my Raspberry Pi I already had a Pi-Hole installed, pointing to 127.0.0.1#5054, which is where cloudflared is listening. I changed my cloudflared config.yml from 1.1.1.1/dns-query to https://xxxxxx.cloudflare-gateway.com/dns-query (where xxxxxx is my Gateway unique ID). Saved and...
failed to connect to an HTTPS backend
The issue was that cloudflared could not look up the hostname, since it uses Pi-Hole to resolve, which in turn uses cloudflared to forward the query.
So I changed /etc/resolv.conf from 127.0.0.1 to 172.64.36.1 (Gateway's DNS IP) and that worked! Now I could browse and see the network queries on both my Pi-Hole and on the Gateway's Dashboard.
The problem is that resolv.conf is regularly overwritten. So I tried to put the DNS 172.64.36.1 in /etc/resolvconf.conf and in /etc/resolvconf/resolv.conf.d/base. Neither of them worked. Every couple of hours, I get
failed to connect to an HTTPS backend
and I need to manually add 172.64.36.1 to resolv.conf.
Any ideas on how to make it stick to resolv.conf?
Thanks
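
The circular lookup described in the post can be checked for mechanically. The following is an added example, not part of the original post: it classifies a resolv.conf and a DoH upstream URL, assuming that any loopback nameserver forwards to the local DoH proxy (as Pi-Hole does here). The function names and sample inputs are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed sample inputs mirroring the setup in the post.
RESOLV_LOCAL = "# generated file\nnameserver 127.0.0.1\n"
RESOLV_GATEWAY = "nameserver 172.64.36.1\n"
RESOLV_MIXED = "nameserver 127.0.0.1\nnameserver 172.64.36.1\n"
GATEWAY_URL = "https://xxxxxx.cloudflare-gateway.com/dns-query"


def is_ip(text):
    """True when text is an IPv4 or IPv6 literal."""
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False


def nameservers(resolv_conf_text):
    """Return the nameserver addresses listed in resolv.conf text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    # With no nameserver line, glibc queries the local machine.
    return servers or ["127.0.0.1"]


def check_bootstrap(resolv_conf_text, upstream_url):
    """Classify whether the DoH proxy can resolve its own upstream host."""
    host = urlparse(upstream_url).hostname or ""
    if is_ip(host):
        return "ok: upstream is an IP literal, no lookup needed"
    servers = nameservers(resolv_conf_text)
    loopback = [s for s in servers
                if is_ip(s) and ipaddress.ip_address(s).is_loopback]
    if len(loopback) == len(servers):
        # Assumption: the loopback resolver forwards to this same proxy.
        return "loop: %s is only resolvable via the local proxy" % host
    if loopback:
        return "fragile: %s depends on a non-loopback fallback" % host
    return "ok: %s is resolved by an external server" % host


if __name__ == "__main__":
    for name, text in [("local", RESOLV_LOCAL), ("gateway", RESOLV_GATEWAY),
                       ("mixed", RESOLV_MIXED)]:
        print(name, "->", check_bootstrap(text, GATEWAY_URL))
```

Run against the live /etc/resolv.conf after each overwrite, a "loop" result corresponds to the state in which the post's "failed to connect to an HTTPS backend" error appears.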