Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
docker_notes:docker-dns [2023-07-10 Mon wk28 20:10] – [Docker - DNS Server] baumkp | docker_notes:docker-dns [2024-05-12 Sun wk19 11:29] (current) – [docker compose] baumkp | ||
---|---|---|---|
Line 1: | Line 1: | ||
{{tag> | {{tag> | ||
======Docker - DNS Server====== | ======Docker - DNS Server====== | ||
- | I propose | + | [[https:// |
+ | I have been using Bind9 as my home LAN DNS for the past few years. I originally operated it on bare metal on my home router computer. | ||
The main router must be set to forward packets! | The main router must be set to forward packets! | ||
Line 18: | Line 19: | ||
*'' | *'' | ||
*'' | *'' | ||
+ | *'' | ||
+ | *From [[https:// | ||
+ | *'' | ||
+ | *'' | ||
+ | *'' | ||
+ | *'' | ||
+ | I have setup a primary DNS server and secondary slave DNS server. | ||
+ | *The primary DNS server runs on my main home server, it is the master | ||
+ | *The secondary DNS server runs on my router, it is set up as a slave server from the primary server and reads the zone files from the master when available. | ||
+ | |||
+ | ====bind9 docker image==== | ||
+ | I use the [[https:// | ||
+ | Notes | ||
+ | -I never had much success with the S6_KEEP_ENV when I played around with this earlier. | ||
+ | -Some of the packages are handy for debugging the container, but not required for normal package operation. | ||
+ | |||
+ | ++++Dockerfile| | ||
+ | < | ||
+ | |||
+ | ARG S6_OVERLAY_VERSION=3.1.6.2 | ||
+ | |||
+ | ADD https:// | ||
+ | RUN tar -C / -Jxpf / | ||
+ | ADD https:// | ||
+ | RUN tar -C / -Jxpf / | ||
+ | |||
+ | #ENV S6_KEEP_ENV=1 | ||
+ | #this keeps the environment variables | ||
+ | |||
+ | ENTRYPOINT ["/ | ||
+ | |||
+ | #add UID & GID | ||
+ | RUN \ | ||
+ | addgroup -g 99 named && \ | ||
+ | adduser -G named -u 99 -G named -D -S -h /dev/null named | ||
+ | |||
+ | RUN apk update && \ | ||
+ | apk --no-cache add \ | ||
+ | bind \ | ||
+ | bind-dnssec-tools \ | ||
+ | && \ | ||
+ | apk upgrade | ||
+ | #util-linux \ | ||
+ | #vim \ | ||
+ | #less \ | ||
+ | |||
+ | COPY user/* / | ||
+ | |||
+ | COPY s6-rc.d / | ||
+ | |||
+ | EXPOSE 53/tcp | ||
+ | EXPOSE 53/udp | ||
+ | EXPOSE 953/tcp | ||
+ | </ | ||
+ | ++++ | ||
+ | |||
+ | ====docker compose==== | ||
+ | A key point is the docker network is in host mode. (The ports are opened directly on the host and not routed from the docker internal network.) | ||
+ | |||
+ | ++++docker-compose.yml| | ||
+ | <code yaml>--- | ||
+ | services: | ||
+ | bind: | ||
+ | build: ./ | ||
+ | image: bind:latest | ||
+ | tty: true | ||
+ | stdin_open: true | ||
+ | container_name: | ||
+ | restart: ' | ||
+ | volumes: | ||
+ | - '/ | ||
+ | - '/ | ||
+ | - '/ | ||
+ | - '/ | ||
+ | network_mode: | ||
+ | |||
+ | command: / | ||
+ | ++++ | ||
====References==== | ====References==== | ||
*[[https:// | *[[https:// | ||
Line 32: | Line 111: | ||
| | ||
| | ||
+ | | ||
+ | | ||
+ | | ||
<- docker_notes: | <- docker_notes: |