I may or may not later post about configuring dnscrypt-proxy, but assuming you already are using DoH, you will probably encounter an issue with using free wireless networks at airports or similar public places.
Using DoH breaks how the captive portal at this airport works. The captive portal blocks all http traffic, including my DoH requests. So when I access a non-https site and it redirects me to a different domain, my laptop cannot resolve that domain. Using its IP directly also does not work because it captures all http traffic that is not targeted towards this domain.
Here's how to work around that limitation.
Figure out the network's DNS server. Either by checking the settings on the already connected android phone, or if you don't have one, by doing
xxxxxxxxxxgeneric@motorbrot:/opt/dnscrypt-proxy$ nmcli devDEVICE TYPE STATE CONNECTION wlp0s20f3 wifi connected Airport_Free_WiFi enp0s31f6 ethernet unavailable -- lo loopback unmanaged -- generic@motorbrot:/opt/dnscrypt-proxy$ nmcli dev show wlp0s20f3 | grep -i dnsIP4.DNS[1]: 77.241.235.248IP4.DNS[2]: 77.241.235.249dig the domain using that dns server to find its IP address.
xxxxxxxxxxdig @77.241.235.248 cmxcisco.euThe result in the ANSWER SECTION should be its IP address as dictated by the airport wifi. It's possible that you are able to connect to that address directly, depending on how the WiFi is set up. Otherwise, proceed with the next step.
Add it to /etc/hosts
xxxxxxxxxx52.211.201.203 cmxcisco.euReload any IP adress page (e.g. 192.0.0.1 or 1.1.1.1), login, then remove the hosts entry again once you're logged in.