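# BIND9 DNS Server on Alpine Linux
#
# NOTE(review): the base image is referenced by the mutable `:latest` tag, so
# a rebuild silently picks up whatever is currently published under that tag.
# Pin a specific tag (ideally with an @sha256 digest) once a versioned tag is
# available in the registry.
FROM git.esculta.es/aesculta/alpine-base:latest

# Environment variables
#
# RNDC_KEY is deliberately not given a default here. Anything set with ENV is
# stored in the image config and is readable through `docker inspect` and
# `docker history` by anyone who can pull the image, so a key baked in at
# build time is effectively public. Supply it when the container starts
# (for example `-e RNDC_KEY=...` or a mounted secret file), and rotate the
# previously hard-coded value wherever it was deployed.
# NOTE(review): entrypoint.sh is not visible here; confirm it refuses to start
# when RNDC_KEY is unset rather than falling back to a default.
# NOTE(review): BIND_UID and BIND_GID are not referenced by any later
# instruction in this file; confirm whether entrypoint.sh uses them.
ENV BIND_USER=named \
    BIND_UID=53 \
    BIND_GID=53 \
    BIND_VERSION=9.18 \
    TZ=UTC

# Install BIND and tools
# `~` is apk's fuzzy version match, so this follows the ${BIND_VERSION} series.
# --no-cache already avoids leaving an index under /var/cache/apk, so no
# separate cleanup step is needed. libcap is installed for the setcap call
# further down.
RUN apk add --no-cache \
        bind~${BIND_VERSION} \
        bind-tools~${BIND_VERSION} \
        libcap \
        tzdata

# Configure BIND
#COPY --chown=named:named config/named.conf /etc/bind/
#COPY --chown=named:named config/zones/ /etc/bind/zones/

# Configure logging
# The log directory must be writable by the unprivileged service account,
# because the container no longer runs as root once USER is set below.
RUN mkdir -p /var/log/named \
    && touch /var/log/named/named.log \
    && chown -R ${BIND_USER}:${BIND_USER} /var/log/named

# Set capabilities for non-root port binding
# File capabilities are ignored when the container is started with
# no-new-privileges (Docker `--security-opt no-new-privileges`, Kubernetes
# `allowPrivilegeEscalation: false`). In that setup named relies on the
# runtime allowing unprivileged binds to port 53 instead.
RUN setcap 'cap_net_bind_service=+ep' /usr/sbin/named

# Expose DNS ports (documentation only; publishing happens at run time)
EXPOSE 53/tcp 53/udp

# Entrypoint script
# Copied while the build still runs as root, so the script ends up
# root-owned and the service account can execute but not modify it.
# --chmod sets the executable bit at copy time instead of depending on the
# file mode in the build context; a `RUN chmod` placed after USER would fail
# because the file belongs to root. --chmod needs BuildKit; on a legacy
# builder use `RUN chmod 0755 /entrypoint.sh` at this position instead.
COPY --chmod=0755 entrypoint.sh /entrypoint.sh

# Switch to named user
# Kept as the last identity change so nothing after this point runs as root.
USER ${BIND_USER}

ENTRYPOINT ["/entrypoint.sh"]

# Exec form performs no variable expansion, so the account name is spelled
# out here; keep it in sync with BIND_USER.
# NOTE(review): assumes entrypoint.sh ends with `exec "$@"` so named becomes
# PID 1 and receives SIGTERM from `docker stop`; confirm.
CMD ["named", "-g", "-u", "named"]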