Skip to content
This repository has been archived by the owner on Jul 20, 2022. It is now read-only.

homecentr/docker-dns

BranchesTags

Repository files navigation

Project status

CI/CD on master Regular Docker image vulnerability scan

HomeCenter - DNS

BIND9 DNS server packed with the usual bells and whistles.

Usage

Make sure you set container's DNS to localhost (127.0.0.1). The container has a built-in health check which tries to resolve a dummy DNS record. If you do not override the DNS, the health check command will be asking the DNS server the host is using instead of the DNS server running inside of this container and will obviously fail.

version: "3.7"
services:
  dns:
    build: .
    dns:
      - 127.0.0.1 # important for health check
    restart: unless-stopped
    volumes:
      # the directory MUST be writable, BIND9 writes jnl files next to the configuration
      - "./example:/config:rw"
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "9000:9000/tcp"

Configuration

See the example/named.conf for a quickstart or BIND9 documentation for full configuration reference. The root configuration file (named.conf) is expected to be at /config/named.conf. The container contains a piece of built-in configuration which automatically sets up the statistics endpoint and a zone for health check.

Environment variables

Name Default value Description
PUID 7077 UID of the user cadvisor should be running as. The UID must have sufficient rights to read from the Docker socket.
PGID 7077 GID of the user cadvisor should be running as. You must set the PUID if you want to set the PGID variable.

Exposed ports

Port Description
53/tcp DNS protocol over TCP
53/udp DNS protocol over UDP
8888/tcp Default port for statistics, is not opened by default, must be configured in named.conf

Volumes

Container path Description
/config BIND9 configuration files. This location must be writable by the PUID/PGID user because BIND9 writes journal files next to the zone files.

Security

The container is regularly scanned for vulnerabilities and updated. Further info can be found in the Security tab.

Container user

The container supports privilege drop. Even though the container starts as root, it will use the permissions only to perform the initial set up. The cadvisor process runs as UID/GID provided in the PUID and PGID environment variables.

⚠️ Do not change the container user directly using the user Docker compose property or using the --user argument. This would break the privilege drop logic.

About

homecentr.github.io

Topics

dns docker-image dnssec homecentr isc-bind

Resources

Readme

License

MIT license

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases 7

v1.4.2 Latest
Jul 30, 2020
+ 6 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages