==== pdns_recursor ====
Create <code>/etc/apt/sources.list.d/pdns.list</code> with this content:
  deb [signed-by=/etc/apt/keyrings/rec-50-pub.asc arch=amd64] http://repo.powerdns.com/debian bookworm-rec-50 main

Create <code>/etc/apt/preferences.d/rec-50</code> with this content:
  Package: rec*
  Pin: origin repo.powerdns.com
  Pin-Priority: 600

Then execute:
  wget -O /etc/apt/keyrings/rec-50-pub.asc https://repo.powerdns.com/FD380FBB-pub.asc && install -d /etc/apt/keyrings
  apt-get update
  apt-get install pdns-recursor

==== dnsdist ====
Create <code>/etc/apt/sources.list.d/pdns.list</code> with this content:
  deb [signed-by=/etc/apt/keyrings/dnsdist-19-pub.asc arch=amd64] http://repo.powerdns.com/debian bookworm-dnsdist-19 main

<code>/etc/apt/preferences.d/dnsdist-19</code> with this content:
  Package: dnsdist*
  Pin: origin repo.powerdns.com
  Pin-Priority: 600

Then execute:
  wget -O /etc/apt/keyrings/dnsdist-19-pub.asc https://repo.powerdns.com/FD380FBB-pub.asc && install -d /etc/apt/keyrings
  apt-get update
  apt-get install dnsdist

=== environment stuff ===
  mkdir /run/pdns-recursor
  ulimit -n 16384 # For more file descriptors


  * Run as different user!
  * ACLs for dnsdist

<code>generateDNSCryptProviderKeys("/etc/dnsdist/providerPublic.key", "/etc/dnsdist/providerPrivate.key")
Provider fingerprint is: 3285:59DB:45F9:379D:5F21:A64F:63C3:5534:5FC3:3D0F:9FF3:4418:B446:88A0:01FD:2B3F
generateDNSCryptCertificate("/etc/dnsdist/providerPrivate.key", "/etc/dnsdist/resolver.cert", "/etc/dnsdist/resolver.key", os.time(), os.time(), os.time()+86400,VERSION2)
addDNSCryptBind("0.0.0.0:8443", "2.dnscrypt-cert.dnscrypt.ca", "/etc/dnsdist/resolver.cert", "/etc/dnsdist/resolver.key")
sdns://AQcAAAAAAAAAEjE5Mi4xNjguMS4xNDk6ODQ0MyAyhVnbRfk3nV8hpk9jw1U0X8M9D5_zRBi0RoigAf0rPxsyLmRuc2NyeXB0LWNlcnQuZG5zY3J5cHQuY2E
</code>