diff --git a/basics.yml b/basics.yml
index b6b31c5..eb1b421 100644
--- a/basics.yml
+++ b/basics.yml
@@ -248,21 +248,26 @@
 notify: localectl
 when: nocontainer.stat.exists == true
- - name: DigitalCourage encrypted DNS (DoT) via TLS systemd-resolved without censorship
- blockinfile:
+ ## NOW WITH DoH OVER DNSCRYPT-DNS-Proxy
+ #- name: DigitalCourage encrypted DNS (DoT) via TLS systemd-resolved without censorship
+ # blockinfile:
+ # path: /etc/systemd/resolved.conf.d/digitalcourage-dot.conf
+ # mode: "0444"
+ # owner: root
+ # group: root
+ # create: yes
+ # insertbefore: BOF # Beginning of the file
+ # marker: "# {mark} ANSIBLE MANAGED BLOCK"
+ # block: |
+ # [Resolve]
+ # DNS=5.9.164.112#dns3.digitalcourage.de 2a01:4f8:251:554::2#dns3.digitalcourage.de
+ # DNSOverTLS=opportunistic
+ # backup: yes
+ # when: nocontainer.stat.exists == true
+ - name: NOW WITH DoH OVER DNSCRYPT-DNS-Proxy
+ ansible.builtin.file:
+ state: absent
 path: /etc/systemd/resolved.conf.d/digitalcourage-dot.conf
- mode: "0444"
- owner: root
- group: root
- create: yes
- insertbefore: BOF # Beginning of the file
- marker: "# {mark} ANSIBLE MANAGED BLOCK"
- block: |
- [Resolve]
- DNS=5.9.164.112#dns3.digitalcourage.de 2a01:4f8:251:554::2#dns3.digitalcourage.de
- DNSOverTLS=opportunistic
- backup: yes
- when: nocontainer.stat.exists == true
 - name: SSHD hardening
 blockinfile:
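Review bot: The new `ansible.builtin.file` task deletes `/etc/systemd/resolved.conf.d/digitalcourage-dot.conf` but carries no `notify:`, so a running systemd-resolved keeps the old DoT settings until something else restarts it, and nothing in this hunk shows that the DoH proxy is already installed and set as the system resolver before the drop-in goes away. If it is not, name resolution presumably falls back to whatever unencrypted DNS the link provides once resolved is restarted, so this task should run after the dnscrypt-proxy setup and add `notify: <handler that restarts systemd-resolved>` (placeholder; no such handler is visible here). The task name should say what the task does, e.g. `- name: Remove DigitalCourage DoT drop-in (replaced by DoH via dnscrypt-proxy)`, and the commented-out copy of the old task can be deleted outright since it stays in git history. The new task also drops the `when: nocontainer.stat.exists == true` guard the old one had; that looks harmless for `state: absent`, but confirm it is intended.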