paulmataruso/11note-docker-bind
1
0
Fork 0
mirror of https://github.com/11notes/docker-bind.git synced 2025-11-04 05:43:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

update to 9.18.13

Browse Source
This commit is contained in:
ElevenNotes
2023-04-05 09:48:53 +02:00
parent 47d34d2d59
commit 3855248580
5 changed files with 48 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
amd64.dockerfile
View File

@@ -1,41 +1,46 @@
# :: Header # :: Header
FROM alpine:3.16 FROM alpine:latest
ENV binVersion=9.18.13-r0
# :: Run # :: Run
USER root USER root
# :: prepare # :: prepare
RUN set -ex; \ RUN set -ex; \
mkdir -p /bind; \ mkdir -p /bind; \
mkdir -p /bind/etc \ mkdir -p /bind/etc \
mkdir -p /bind/var; mkdir -p /bind/var;
# :: install
RUN set -ex; \ RUN set -ex; \
apk add --update --no-cache \ apk add --update --no-cache \
bash \ bash \
bind>=9.16.29 \ bind>=${binVersion} \
bind-tools \
shadow; shadow;
# :: configure
RUN set -ex; \ RUN set -ex; \
addgroup --gid 1000 -S bind; \ addgroup --gid 1000 -S bind; \
adduser --uid 1000 -D -S -h /bind -s /sbin/nologin -G bind bind; adduser --uid 1000 -D -S -h /bind -s /sbin/nologin -G bind bind;
# :: copy root filesystem changes # :: copy root filesystem changes
COPY ./rootfs / COPY ./rootfs /
# :: docker -u 1000:1000 (no root initiative) # :: docker -u 1000:1000 (no root initiative)
RUN set -ex; \ RUN set -ex; \
chown -R bind:bind \ chown -R bind:bind \
/bind \ /bind \
/var/run/named; /var/run/named;
# :: Version
RUN set -ex; \
echo "CI/CD{{$(named -v 2>&1)}}";
# :: Volumes # :: Volumes
VOLUME ["/bind/etc", "/bind/var"] VOLUME ["/bind/etc", "/bind/var"]
# :: Monitor
RUN set -ex; chmod +x /usr/local/bin/healthcheck.sh
HEALTHCHECK CMD /usr/local/bin/healthcheck.sh || exit 1
# :: Start # :: Start
RUN set -ex; chmod +x /usr/local/bin/entrypoint.sh
USER bind USER bind
CMD ["/usr/sbin/named", "-fg", "-c", "/bind/etc/named.conf", "-u", "bind"] ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]

20
rootfs/bind/etc/named.conf
View File

@@ -1,18 +1,20 @@
options { options {
listen-on { any; }; listen-on { any; };
directory "/bind/etc"; directory "/bind/etc";
recursion no; recursion no;
allow-notify { none; }; allow-notify { none; };
forwarders { 208.67.220.220; 208.67.222.222; }; forwarders { 208.67.220.220; 208.67.222.222; };
version "0.0"; version "0.0";
auth-nxdomain no; auth-nxdomain no;
max-cache-size 256m; max-cache-size 256m;
}; };
server ::/0 { bogus yes; };
acl acl-internal { acl acl-internal {
10.0.0.0/8; 10.0.0.0/8;
172.16.0.0/12; 172.16.0.0/12;
192.168.0.0/16; 192.168.0.0/16;
}; };
include "zones.conf"; include "zones.conf";

4
rootfs/bind/etc/zones.conf
View File

@@ -1,7 +1,9 @@
view "internal" { view "internal" {
recursion yes;
match-clients { acl-internal; }; match-clients { acl-internal; };
allow-query { acl-internal; }; allow-query { acl-internal; };
recursion yes; allow-recursion { acl-internal; };
zone "." { type hint; file "/bind/var/root.db"; };
}; };
view "external" { view "external" {

9
rootfs/usr/local/bin/entrypoint.sh Normal file
View File

@@ -0,0 +1,9 @@
#!/bin/ash
if [ -z "${1}" ]; then
set -- "named" \
-fg \
-c "/bind/etc/named.conf" \
-u bind
fi
exec "$@"

2
rootfs/usr/local/bin/healthcheck.sh Normal file
View File

@@ -0,0 +1,2 @@
#!/bin/ash
dig . NS @localhost || exit 1