✨ feat(dns): add DoH URL resolution function

podkop/files/usr/bin/podkop

@@ -688,6 +688,46 @@ sing_box_inbound_proxy() {
     }'  > $SING_BOX_CONFIG
 }
 
+get_doh_url() {
+    local dns_server="$1"
+    local url=""
+
+    # Special case for Quad9 servers
+    if echo "$dns_server" | grep -q "quad9.net" || \
+       echo "$dns_server" | grep -qE "^9\.9\.9\.(9|10|11)$|^149\.112\.112\.(112|10|11)$|^2620:fe::(fe|9|10|11)$|^2620:fe::fe:(10|11)$"; then
+        url="https://$dns_server:5053/dns-query"
+        if curl --connect-timeout 3 -s -o /dev/null -w "%{http_code}" -H "accept: application/dns-json" "$url?name=example.com&type=A" 2>/dev/null | grep -q "200"; then
+            echo "$url"
+            return 0
+        fi
+    fi
+
+    # Try standard DoH path first (most common)
+    url="https://$dns_server/dns-query"
+    if curl --connect-timeout 3 -s -o /dev/null -w "%{http_code}" -H "accept: application/dns-json" "$url?name=example.com&type=A" 2>/dev/null | grep -q "200"; then
+        echo "$url"
+        return 0
+    fi
+
+    # Try alternative path
+    url="https://$dns_server/resolve"
+    if curl --connect-timeout 3 -s -o /dev/null -w "%{http_code}" -H "accept: application/dns-json" "$url?name=example.com&type=A" 2>/dev/null | grep -q "200"; then
+        echo "$url"
+        return 0
+    fi
+
+    # Try root path
+    url="https://$dns_server"
+    if curl --connect-timeout 3 -s -o /dev/null -w "%{http_code}" -H "accept: application/dns-json" "$url?name=example.com&type=A" 2>/dev/null | grep -q "200"; then
+        echo "$url"
+        return 0
+    fi
+
+    # If no paths worked, return error
+    echo "error: no working DoH endpoint found for $dns_server"
+    return 1
+}
+
 sing_box_dns() {
     local dns_type
     local dns_server
@@ -711,25 +751,30 @@ sing_box_dns() {
     fi
     
     log "Configure DNS in sing-box"
+
+    local dns_address=""
+    if [ "$dns_type" = "doh" ]; then
+        dns_address=$(get_doh_url "$dns_server")
+        if [ $? -ne 0 ] || [ "${dns_address#error:}" != "$dns_address" ]; then
+            log "[critical] Failed to get working DoH URL for $dns_server"
+            exit 1
+        fi
+    elif [ "$dns_type" = "dot" ]; then
+        dns_address="tls://$dns_server"
+    else
+        dns_address="$dns_server"
+    fi
     
     server_json=$(jq -n \
         --arg type "$dns_type" \
-        --arg server "$dns_server" \
+        --arg address "$dns_address" \
         --arg resolver "$resolver_tag" \
         --arg is_ip "$is_ip" \
         '{
             "servers": [
                 {
                     "tag": "dns-server",
-                    "address": (
-                        if $type == "doh" then
-                            "https://" + $server + "/dns-query"
-                        elif $type == "dot" then
-                            "tls://" + $server
-                        else
-                            $server
-                        end
-                    ),
+                    "address": $address,
                     "detour": "direct-out"
                 } + (
                     if $is_ip == "0" then
@@ -2078,20 +2123,8 @@ check_dns_available() {
     fi
 
     if [ "$dns_type" = "doh" ]; then
-        local result=""
-        
-        if echo "$dns_server" | grep -q "quad9.net" || \
-           echo "$dns_server" | grep -qE "^9\.9\.9\.(9|10|11)$|^149\.112\.112\.(112|10|11)$|^2620:fe::(fe|9|10|11)$|^2620:fe::fe:(10|11)$"; then
-            result=$(curl --connect-timeout 5 -s -H "accept: application/dns-json" "https://$dns_server:5053/dns-query?name=itdog.info&type=A")
-        else
-            result=$(curl --connect-timeout 5 -s -H "accept: application/dns-json" "https://$dns_server/dns-query?name=itdog.info&type=A")
-            if [ $? -eq 0 ] && echo "$result" | grep -q "data"; then
-                is_available=1
-                status="available"
-            else
-                result=$(curl --connect-timeout 5 -s -H "accept: application/dns-json" "https://$dns_server/resolve?name=itdog.info&type=A")
-            fi
-        fi
+        local doh_url=$(get_doh_url "$dns_server")
+        local result=$(curl --connect-timeout 5 -s -H "accept: application/dns-json" "$doh_url?name=itdog.info&type=A")
         
         if [ $? -eq 0 ] && echo "$result" | grep -q "data"; then
             is_available=1