feat: DNS v1 (#1)

* Repository created from template
* Code migrated from previous temporary repository

.github/settings.yml

@@ -1,6 +1,6 @@
 # https://developer.github.com/v3/repos/#edit
 repository:
-  name: docker-$$IMAGE_NAME$$
+  name: docker-dns
   description: ""
   homepage: https://homecentr.github.io/
   private: false

.github/workflows/ci_cd.yml

@@ -5,7 +5,7 @@ on:
       - master
 
 env:
-  IMAGE_NAME: "homecentr/$$IMAGE_NAME$$"
+  IMAGE_NAME: "homecentr/dns"
 
 jobs:
   build:

.gitignore

@@ -0,0 +1,3 @@
+**/*.bind
+**/*.bind.jnl
+node_modules

Dockerfile

@@ -1 +1,44 @@
-FROM alpine
+FROM golang as metrics-build
+
+RUN go get github.com/digitalocean/bind_exporter && \
+    cd "/go/src/github.com/digitalocean/bind_exporter" && \
+    make
+
+RUN ls /go/src/github.com/digitalocean/bind_exporter
+
+FROM alpine
+
+LABEL maintainer="Lukas Holota <me@lholota.com>"
+
+RUN apk upgrade --no-cache && \
+    apk add --no-cache bind supervisor && \
+    apk add --virtual tmp_pip py-pip && \
+    pip install supervisor-stdout && \
+    apk del tmp_pip && \
+    mkdir /config-default
+
+COPY ./scripts/exit-event-listener.py /usr/local/bin/exit-event-listener
+COPY --from=metrics-build /go/src/github.com/digitalocean/bind_exporter/bind_exporter /usr/bin/bind_exporter
+
+COPY ./config/supervisord.conf /etc/supervisord.conf
+
+COPY ./config/named.conf /config-default/
+COPY ./config/healthcheck.conf /config-default/
+COPY ./config/healthcheck.zone /config-default/
+COPY ./config/statistics.conf /config-default/
+
+HEALTHCHECK --interval=10s --timeout=3s --start-period=10s --retries=3 CMD [ "nslookup", "ns1.bind9-healthcheck", "127.0.0.1" ]
+
+# Config directory
+VOLUME "/config"
+
+# DNS protocol
+EXPOSE 53/tcp 53/udp
+
+# Dynamic updates from DHCP server
+EXPOSE 953/tcp
+
+# Prometheus metrics
+EXPOSE 9000
+
+ENTRYPOINT ["supervisord", "-n", "--configuration", "/etc/supervisord.conf"]

README.md

@@ -1,2 +1,48 @@
-# HomeCentr - $$IMAGE_NAME$$
-Template repository for Docker container repositories
+# HomeCenter - DNS
+This container contains the [BIND9 DNS server](https://www.isc.org/bind/) along with a metrics endpoint compatible with [Prometheus](https://prometheus.io/).
+
+## Project status
+
+| Project status/quality | Analytics |
+|--------|---------------|
+| ![](https://snyk.io/test/github/homecentr/docker-dns/badge.svg) | [![](https://img.shields.io/docker/pulls/homecentr/dns.svg)](https://hub.docker.com/repository/docker/homecentr/dns) |
+| [![](https://img.shields.io/github/issues-raw/homecentr/docker-dns/bug?label=open%20bugs)](https://github.com/homecentr/docker-dns/labels/bug) | [![](https://images.microbadger.com/badges/version/homecentr/dns.svg)](https://hub.docker.com/repository/docker/homecentr/dns) |
+| [![](https://img.shields.io/github/license/homecentr/docker-dns)](https://github.com/homecentr/docker-dns/blob/master/LICENSE) |
+| [![Maintenance](https://img.shields.io/badge/Maintained%3F-yes-green.svg)](https://github.com/homecentr/docker-dns/graphs/commit-activity) |
+| ![](https://github.com/homecentr/docker-dns/workflows/CI%2FCD%20on%20master/badge.svg) |
+
+## Usage
+
+> Make sure you set container's DNS to **localhost (127.0.0.1)**. The container has a built-in health check which tries to resolve a dummy DNS record. If you do not override the DNS, the health check command will be asking the DNS server the host is using instead of the DNS server running inside of this container and will obviously fail.
+
+```yml
+version: "3.7"
+services:
+  dns:
+    build: .
+    dns:
+      - 127.0.0.1 # important for health check
+    restart: unless-stopped
+    volumes:
+      # the directory MUST be writable, BIND9 writes jnl files next to the configuration
+      - "./example:/config:rw"
+    ports:
+      - "53:53/tcp"
+      - "53:53/udp"
+      - "9000:9000/tcp"
+```
+
+### Configuration
+See the `example/named.conf` for a quickstart or [BIND9 documentation](https://kb.isc.org/docs/aa-01031) for full configuration reference. The root configuration file (named.conf) is expected to be at `/config/named.conf`. This config file should also contain the following statement:
+```
+include "/config-default/default.conf";
+```
+This includes the piece of configuration which is built into the container which sets up statistics endpoint and dummy zone for the health check.
+
+## Exposed ports
+
+| Port | Description |
+|------|-------------|
+| 53/tcp | DNS protocol over TCP |
+| 53/udp | DNS protocol over UDP |
+| 9000/tcp | HTTP endpoint with Prometheus metrics |

config/healthcheck.conf

@@ -0,0 +1,4 @@
+zone bind9-healthcheck {
+    type master;
+    file "/config-default/healthcheck.zone";
+};

config/healthcheck.zone

@@ -0,0 +1,11 @@
+$ORIGIN bind9-healthcheck.
+$TTL 86400
+@	SOA	ns1.bind9-healthcheck.	hostmaster.bind9-healthcheck. (
+		2001062501 ; serial
+		10  
+		10  
+		10  
+		10 )
+;
+	NS	ns1.bind9-healthcheck.
+ns1 A   127.0.0.99

config/named.conf

@@ -0,0 +1,4 @@
+include "/config/named.conf";
+
+include "/config-default/statistics.conf";
+include "/config-default/healthcheck.conf";

config/statistics.conf

@@ -0,0 +1,3 @@
+statistics-channels {
+    inet 127.0.0.1 port 8888 allow { 127.0.0.1; };
+};

config/supervisord.conf

@@ -0,0 +1,29 @@
+[supervisord]
+nodaemon=true
+loglevel=info
+pidfile=/tmp/supervisord.pid
+
+[program:bind9]
+command=/usr/sbin/named -f -g -4 -c /config-default/named.conf
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:bind9_metrics]
+command=/usr/bin/bind_exporter -bind.stats-groups "server,view,tasks" -web.listen-address ":9000" -bind.stats-url "http://localhost:8888" ;The port should be fixed somehow
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[group:dns]
+programs=bind9,bind9_metrics
+
+[eventlistener:stdout] 
+command = supervisor_stdout 
+buffer_size = 1000 
+events = PROCESS_LOG 
+result_handler = supervisor_stdout:event_handler
+
+[eventlistener:exit_on_any_fatal]
+command=/usr/local/bin/exit-event-listener
+events=PROCESS_STATE_FATAL
+stdout_events_enabled=true
+stderr_events_enabled=true

docker-compose.yml

@@ -0,0 +1,13 @@
+version: "3.7"
+services:
+  dns:
+    build: .
+    dns:
+      - 127.0.0.1 # important for health check
+    restart: unless-stopped
+    volumes:
+      - "./example:/config:rw"
+    ports:
+      - 53:53/tcp
+      - 53:53/udp
+      - 9000:9000/tcp

example/named.conf

@@ -0,0 +1,13 @@
+options {
+        directory "/config";
+
+        recursion yes;
+        allow-recursion { any; };
+        listen-on { any; };
+        allow-transfer { any; };
+
+        forwarders {
+                8.8.8.8;
+                8.8.4.4;
+        };
+};

package.json

@@ -1,15 +1,15 @@
 { 
-  "name": "homecentr-$$IMAGE_NAME$$",
+  "name": "homecentr-dns",
   "version": "1.0.0",
   "description": "",
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/homecentr/docker-$$IMAGE_NAME$$.git"
+    "url": "git+https://github.com/homecentr/docker-dns.git"
   },
   "author": "",
   "license": "MIT",
   "bugs": {
-    "url": "https://github.com/homecentr/docker-$$IMAGE_NAME$$/issues"
+    "url": "https://github.com/homecentr/docker-dns/issues"
   },
-  "homepage": "https://github.com/homecentr/docker-$$IMAGE_NAME$$#readme"
+  "homepage": "https://github.com/homecentr/docker-dns#readme"
 }

scripts/exit-event-listener.py

@@ -0,0 +1,16 @@
+#!/usr/bin/env python
+import os
+import signal
+
+from supervisor import childutils
+
+def main():
+    while True:
+        headers, payload = childutils.listener.wait()
+        childutils.listener.ok()
+        if headers['eventname'] != 'PROCESS_STATE_FATAL':
+            continue
+        os.kill(os.getppid(), signal.SIGTERM)
+
+if __name__ == "__main__":
+    main()