Fully working dnsdist coming up.

dnsdist/Dockerfile

@@ -2,8 +2,8 @@ FROM	rootwyrm/dns_base
 
 ## Set up our labels
 LABEL	maintainer="Phillip 'RootWyrm' Jaenke <prj+docker@rootwyrm.com>" \
-        com.rootwyrm.project="dns_docker/nsd" \
-        com.rootwyrm.product="NLnet nsd" \
+        com.rootwyrm.project="dns_docker/dnsdist" \
+        com.rootwyrm.product="PowerDNS dnsdist" \
         com.rootwyrm.vcs-type="github" \
         com.rootwyrm.url="%%GITHUB_REPOSITORY%%" \
         com.rootwyrm.docker.base="rootwyrm/dns_base:latest" \
@@ -14,7 +14,7 @@ LABEL	maintainer="Phillip 'RootWyrm' Jaenke <prj+docker@rootwyrm.com>" \
         ## label-schema.org
         org.label-schema.schema-version="1.0.0-rc1" \
         org.label-schema.vendor="RootWyrm" \
-        org.label-schema.name="dns_docker/base" \
+        org.label-schema.name="dns_docker/dnsdist" \
         org.label-schema.url="%%GITHUB_REPOSITORY%%" \
         org.label-schema.vcs-ref="%%VCS_REF%%" \
         org.label-schema.version="%%REF%%" \

dnsdist/README.md

@@ -1,3 +1,11 @@
-Docker container for dnsdist 1.5.0
+Docker container for dnsdist
+
+**CAUTION: HEAD is on 1.5.0-rc train**
 
 ![Build - dnsdist](https://github.com/rootwyrm/dns_docker/workflows/Build%20-%20dnsdist/badge.svg)
+
+## Volume Layout
+dnsdist has a very specific volume layout in order to support complex configurations. Configurations will be loaded in the ORDER they are listed here, followed by alphabetical order within that directory.
+* conf.d/ - base configuration overrides (e.g. listen, ACLs, web UI)
+* lua/ - any standalone Lua programs or snippets must go in this directory
+* maps/ - all response mappings (e.g. rate-limits, specific redirects, etc.)

dnsdist/application/firstboot/dnsdist.sh

@@ -19,7 +19,7 @@ function ipaddress()
 	fi
 
 	export SYSTEM_LOCALIP6=$(ifconfig eth0 | grep inet6 | grep -v Link | awk '{print $3}')
-	if [ $SYSTEM_LOCALIP6 == '' ]; then
+	if [[ $SYSTEM_LOCALIP6 == '' ]]; then
 		unset SYSTEM_LOCALIP6
 	else
 		export DNSDIST_LOCALIP6=$SYSTEM_LOCALIP6
@@ -74,7 +74,10 @@ function config()
 	## Password
 	sed -i -e 's/%%DNSDIST_PASSWD%%/'$DNSDIST_PASSWD'/g' $CONFIG
 	printf 'dnsdist Web Password: admin:%s\n' "$DNSDIST_PASSWD"
+	printf '**********************************************************************\n'
+	printf '[dnsdist] firstboot tasks complete.\n'
 }
 
+printf '[dnsdist] Performing firstboot tasks...\n'
 ipaddress
 config

dnsdist/conf/dnsdist.conf

@@ -9,8 +9,8 @@ setKey("%%DNSDIST_APIKEY%%")
 -- Listener configuration
 ------------------------------------------------------------
 setLocal('127.0.0.1')
-setLocal('%%DNSDIST_LOCALIP4%%'/32)
-setLocal('%%DNSDIST_LOCALIP6%%'/32)
+setLocal('%%DNSDIST_LOCALIP4%%')
+setLocal('%%DNSDIST_LOCALIP6%%')
 
 ------------------------------------------------------------
 -- Web server configuration
@@ -37,6 +37,9 @@ newServer( {address="172.16.53.11:53", pool="localroot", name="localroot", tcpFa
 -- Configurable pools
 newServer( {address="172.16.53.11:53", pool="authoritative", name="nsd.docker", tcpFastOpen=true, qps=50} )
 newServer( {address="172.16.53.12:53", pool="recursor", name="unbound.docker", tcpFastOpen=true, qps=50} )
+-- Some reasonable public engagement servers
+newServer( { address="9.9.9.9:53", pool="quad9",  name="dns9.quad9.net", qps=10} )
+newServer( { address="149.112.112.112:53", pool="quad9",  name="rrdns.pch.net", qps=10} )
 
 ------------------------------------------------------------
 -- Fixed mapping

dnsdist/sv/dnsdist/run

@@ -8,8 +8,6 @@ if [ -f /firstboot ]; then
 	## Wait for firstboot to complete.
 	echo "firstboot still in process, waiting 60 seconds..."
 	sleep 60
-	## Trigger restart
-	exit -1
 fi
 if [ -f /dnsdist.disable ]; then
 	echo "dnsdist lockout found, refusing to start."
@@ -19,4 +17,4 @@ fi
 echo "Starting dnsdist as $dduser:$ddgroup"
 echo " "
 
-exec /usr/local/bin/dnsdist -C /usr/local/etc/dnsdist/dnsdist.conf -u $dduser -g $dduser --supervised
+/usr/local/bin/dnsdist -C /usr/local/etc/dnsdist/dnsdist.conf -u $dduser -g $dduser --supervised