I built something very similar to this too, but in Go. My motivation was that running Pi Hole was just way over complicated for something that should be simple and light weight.
* Fetches block lists every 6 hours
* Gets DNS requests over DoH then serves as DNS over the VPN.
* A single Go binary, so it's exceptionally easy to run.
It was super interesting to play around and get working as a side project, and as a plus debugging deadlocks in a DNS application is always fun /s
replies(1):