I am lost setting up DoH (DNS Encryption - DNS over HTTPS)

I would like to update my DNS to encrypt it with DNS over HTTPS (DoH) or DNS over TLS.

  • AdGuard Home is up and running as my DNS server on an RPI5 running HAOS (router points to it for DNS).
  • I utilize cloudflared for remote HA access, so as part of that I do have a dedicated domain name.
  1. How do I set up the cloudflared API token - to then
  2. use within the letsencrypt addon to create the privkey and public key to then
  3. use within the AdGuard Home DNS encryption settings?

FYI - I was able, in my cloudflared account, to create an API DNS token (I probably selected the wrong options) - and then was able to use that within the letsencrypt addon, and it did create the files as specified in the configuration.yaml:

# TLS with letsencrypt add-on
http:
  server_port: 443
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

Then I went into AdGuard and added the encryption details along with the DNS challenge of:

provider: dns-cloudflare
cloudflare_api_token: #######################

I was able to successfully save the settings in AdGuard Home; however, when I went in and tried to access AdGuard Home again, the screen turned completely white with a symbol showing a broken link. All the other dashboards and parts of the UI for HAOS worked perfectly, however… So, I did a full restore and am back where I started.

So how do I get DNS over TLS or DNS over HTTPS turned on within AdGuard Home utilizing a free token from the letsencrypt addon and my cloudflared domain? Are there very specific settings to use for the API key to be created? (I set one up as DNS but don’t understand the other settings on that screen, which is shown below.)

What could be wrong in this case, what am I missing?

Nobody has a clue?