Server migration

Artai Esculta 2025-03-17 10:07:28 +01:00
parent bd08db0172
commit 835f1d4211
2 changed files with 56 additions and 0 deletions

43
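--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,43 @@
+# BIND9 DNS Server on Alpine Linux
+FROM git.esculta.es/aesculta/alpine-base:latest
+# Environment variables
+ENV BIND_USER=named \
+BIND_UID=53 \
+BIND_GID=53 \
+BIND_VERSION=9.18 \
+RNDC_KEY=supersecretkey \
+TZ=UTC
+# Install BIND and tools
+RUN apk add --no-cache \
+bind~${BIND_VERSION} \
+bind-tools~${BIND_VERSION} \
+tzdata \
+libcap \
+&& rm -rf /var/cache/apk/*
+# Configure BIND
+#COPY --chown=named:named config/named.conf /etc/bind/
+#COPY --chown=named:named config/zones/ /etc/bind/zones/
+# Configure logging
+RUN mkdir -p /var/log/named \
+&& touch /var/log/named/named.log \
+&& chown -R ${BIND_USER}:${BIND_USER} /var/log/named
+# Set capabilities for non-root port binding
+RUN setcap 'cap_net_bind_service=+ep' /usr/sbin/named
+# Expose DNS ports
+EXPOSE 53/tcp 53/udp
+# Switch to named user
+USER ${BIND_USER}
+# Entrypoint script
+COPY entrypoint.sh /
+#RUN chmod +x /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
+CMD ["named", "-g", "-u", "named"]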
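Review bot: `RNDC_KEY=supersecretkey` in the `ENV` block bakes a control-channel secret into the image, where it is readable from the image configuration and history by anyone who can pull it, and from the environment of every process in the container. Nothing in the two files shown reads the variable, and entrypoint.sh already creates `/etc/bind/rndc.key` with `rndc-confgen -a` when it is missing, so the line looks removable. If a fixed key is required, supply it as a key file mounted at runtime rather than through `ENV`. Separately, `FROM git.esculta.es/aesculta/alpine-base:latest` leaves the base unpinned; a fixed tag or digest would make the build reproducible and auditable.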

13
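--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+set -e
+# Set permissions
+chown -R named:named /etc/bind /var/log/named /var/cache/bind
+# Generate rndc.key if missing
+if [ ! -f /etc/bind/rndc.key ]; then
+rndc-confgen -a -c /etc/bind/rndc.key -k rndc-key -A hmac-sha256
+fi
+# Start BIND
+exec "$@"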
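Review bot: The `chown -R named:named /etc/bind /var/log/named /var/cache/bind` line needs root, but the Dockerfile in this commit sets `USER ${BIND_USER}` before `ENTRYPOINT`, so the script runs as `named`. Any path not already owned by `named` will likely make `chown` fail, and under `set -e` the container then exits before `exec "$@"`. The same applies to writing `/etc/bind/rndc.key` if `/etc/bind` is not writable by `named`. Ownership is better fixed at build time in a `RUN` step placed before `USER`. If the runtime step has to stay for mounted volumes, guard it with `if [ "$(id -u)" -eq 0 ]; then chown -R named:named /etc/bind /var/log/named /var/cache/bind; fi` and add a comment noting that it is skipped when the image runs unprivileged.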