Giter Site home page Giter Site logo

docker-bind9's Introduction

docker-bind9

This project build a bind9 domain name server configured to serve and accept updates for the root domain $BIND9_ROOTDOMAIN env variable.

Use the following ENV when running :

  • "BIND9_IP" : public IP of the DNS
  • "BIND9_ROOTDOMAIN" : the root domain (like : example.com)
  • "BIND9_KEYNAME" : the name of the key
  • "BIND9_KEY" : the key base64 encoded
  • "BIND9_KEY_ALGORITHM" : the key algo - examples : hmac-md5, hmac-sha1, hmac-sha256, hmac-sha512
  • "BIND9_FORWARDERS" : the forwarders (like : 8.8.8.8;8.8.8.4;)
  • "BIND9_IPV4ONLY" : set bind9 to support only IPV4
  • "BIND9_QUERY_CACHE_ACCEPT": set IP to allow in allow-query-cache, default 127.0.0.1. (use 10.0.0.0/8 for any local ip)
  • "BIND9_RECURSION_ACCEPT": set IP to allow in allow-recursion, default 127.0.0.1. (use 10.0.0.0/8 for any local ip)
  • "BIND9_STATIC_ENTRIES": multiline static entries for your zone.

The port 53 must be exposed in tcp and udp to answer DNS requests. The server will accept any query, but no cache request or recursion (the variable are set to listen 127.0.0.1 only by default)

Run with :

# With Forwarders: Bind ports to local docker IP to reduce forwarding risk
sudo docker run --name bind9 --restart=unless-stopped \
    -e "BIND9_IP=10.10.12.23" \
    -e "BIND9_ROOTDOMAIN=example.com" \
    -e "BIND9_KEYNAME=secret" \
    -e "BIND9_KEY_ALGORITHM=hmac-md5" \
    -e "BIND9_KEY=c2VjcmV0" \
    -e "BIND9_FORWARDERS=8.8.8.8;8.8.4.4;" \
    -p "172.17.0.1:53:53/udp" \
    -p "172.17.0.1:53:53" digitallumberjack/docker-bind9:latest

# No Forwarders - Only For Authority
sudo docker run --name bind9 --restart=unless-stopped \
    -e "BIND9_IP=10.10.12.23" \
    -e "BIND9_ROOTDOMAIN=example.com" \
    -e "BIND9_KEYNAME=secret" \
    -e "BIND9_KEY_ALGORITHM=hmac-md5" \
    -e "BIND9_KEY=c2VjcmV0" \
    -e "BIND9_FORWARDERS=" \
    -p 53:53/udp \
    -p 53:53 digitallumberjack/docker-bind9:latest

# With static entries
sudo docker run --name bind9 --restart=unless-stopped \
    -e "BIND9_IP=10.10.12.23" \
    -e "BIND9_ROOTDOMAIN=example.com" \
    -e "BIND9_KEYNAME=secret" \
    -e "BIND9_KEY_ALGORITHM=hmac-md5" \
    -e "BIND9_KEY=c2VjcmV0" \
    -e "BIND9_FORWARDERS=" \
    -e BIND9_STATIC_ENTRIES="www CNAME a.fqdn.com
blog 60 A 10.10.10.10" \
    -p 53:53/udp \
    -p 53:53 digitallumberjack/docker-bind9:latest

To manually add an entry :

nsupdate -y secret:c2VjcmV0
server 10.10.12.23
update add myentry.example.com 60 A 10.10.14.100

To get all entries of a domain with axfr request:

dig -y secret:c2VjcmV0 @10.10.12.23 example.com axfr

See nsupdate man for usage.

docker-bind9's People

Contributors

digitallumberjack avatar justsml avatar

Stargazers

avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

adopteunops justsml simbas nurse-curtis gotenxiao tyldum false-start updiversity kahara neutron-ah fruisoft ktheodosiou skuppa

docker-bind9's Issues

Reverse DNS lookup support

I have managed to configure this Bind9 stack with DNS Update (RFC2136) (I had to explicitly pass BIND9_KEY_ALGORITHM=hmac-md5), but it seems that there is no reverse DNS lookup support. This would be very helpful for setups like Hadoop, which heavily rely on reverse DNS.

Could you please suggest any solution or workaround to get rDNS working?

Provide static entries support

The service must provide static entries support.

Env variables can be declared and generate entries in the domain zone

How to add DNS entries with rancher

How can I automatically add DNS entries when deployed as environment service in rancher?
There is no vim, vi or nano in the container so I also can't add anything manually?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.