Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Allow for multiple wildcards, extra hosts as well as fix DNSSEC #7
Available Docker image for this PR
Additional features
Optional environmental variables
DEBUG_ENTRYPOINT
0
Values:
0
,1
or2
DOCKER_LOGS
0
1
to log info and queries to Docker logs.WILDCARD_DNS
EXTRA_HOSTS
DNSSEC_VALIDATE
no
no
. Other possible values are:yes
andauto
.DNS_FORWARDER
Example:
DNS_FORWARDER=8.8.8.8,8.8.4.4
TTL_TIME
3600
REFRESH_TIME
1200
RETRY_TIME
180
EXPIRY_TIME
1209600
MAX_CACHE_TIME
10800
DEBUG_ENTRYPOINT
0
, only warnings and errors are shown1
, info, warnings and errors are shown2
, info, warnings and errors are shown, as well as commands executed during startupDOCKER_LOGS
0
, no additional logging is done during run-time1
, BIND is more verbose during run-time and shows asked queries as well as general informationWILDCARD_DNS
The
WILDCARD_DNS
option allows you to specify one or more multiple catch-all DNS zones which can eitherbe a full TLD, a domain or any kind of subdomain. It allows you to map your catch-all to a specific
IP address or even a CNAME (if it is resolvable by public DNS servers). Optionally you can also assign
the reverse DNS name (PTR record).
The general format is as follows, whereas the string in square brackets it optional and responsible
for the reverse DNS (PTR records):
Some examples:
EXTRA_HOSTS
The
EXTRA_HOSTS
option almost works like theWILDCARD_DNS
option, except that no wildcard is added,but rather exactly the host you have specified.
This is useful if you want to add extra hosts to your setup just like the Docker Compose option
extra_hosts
Some examples:
DNSSEC_VALIDATE
The
DNSSEC_VALIDATE
variable defines the DNSSEC validation. Default is to not validate (no
).Possible values are:
yes
- DNSSEC validation is enabled, but a trust anchor must be manually configured. No validation will actually take place.no
- DNSSEC validation is disabled, and recursive server will behave in the "old fashioned" way of performing insecure DNS lookups, until you have manually configured at least one trusted key.auto
- DNSSEC validation is enabled, and a default trust anchor (included as part of BIND) for the DNS root zone is used.DNS_FORWARDER
By default this dockerized BIND is not acting as a DNS forwarder, so it will not have any external
DNS available. In order to apply external DNS forwarding, you will have to specify one or more external
DNS server. This could be the one's from google for example (
8.8.8.8
and8.8.4.4
) or any othersyou prefer. In case your LAN has its own DNS server with already defined custom DNS records that you
need to make available, you should use them.
Some examples
TTL_TIME
Specify time in seconds.
For more information regarding this setting, see BIND TTL and BIND SOA
REFRESH_TIME
Specify time in seconds.
For more information regarding this setting, see BIND SOA
RETRY_TIME
Specify time in seconds.
For more information regarding this setting, see BIND SOA
EXPIRY_TIME
Specify time in seconds.
For more information regarding this setting, see BIND SOA
MAX_CACHE_TIME
Specify time in seconds.
For more information regarding this setting, see BIND SOA