add nsd
parent
6ea3518c8b
commit
095056017e
|
@ -0,0 +1,14 @@
|
||||||
|
unbound:
|
||||||
|
build: unbound
|
||||||
|
hostname: unbound.mock.zknt.org
|
||||||
|
dns: 127.0.0.1
|
||||||
|
links:
|
||||||
|
- nsd:nsd.mock.zknt.org
|
||||||
|
volumes:
|
||||||
|
- "./unbound.conf:/etc/unbound/unbound.conf:ro"
|
||||||
|
nsd:
|
||||||
|
build: nsd
|
||||||
|
hostname: nsd.mock.zknt.org
|
||||||
|
volumes:
|
||||||
|
- "./zones:/zones"
|
||||||
|
- "./nsd.conf:/etc/nsd/nsd.conf:ro"
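Review bot: The `./zones:/zones` volume on the nsd service is mounted read-write, while both configuration files in this file are mounted `:ro`. The nsd.conf in this commit only defines a zone served from a local zonefile, so the daemon should not need to write there; `- "./zones:/zones:ro"` keeps a compromised or misbehaving container from altering the zone data on the host. If nsd is later configured as a secondary for some zone, that zone's file would need a separate writable path.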
|
|
@ -0,0 +1,12 @@
|
||||||
|
server:
|
||||||
|
server-count: 1
|
||||||
|
pidfile: "/var/run/nsd.pid"
|
||||||
|
|
||||||
|
verbosity: 1
|
||||||
|
hide-version: yes
|
||||||
|
|
||||||
|
statistics: 3600
|
||||||
|
|
||||||
|
zone:
|
||||||
|
name: 168.192.in-addr.arpa
|
||||||
|
zonefile: "/zones/%s.zone"
|
|
@ -0,0 +1,5 @@
|
||||||
|
FROM alpine:3.4
|
||||||
|
RUN apk --no-cache add nsd
|
||||||
|
COPY nsd.conf /etc/nsd/nsd.conf
|
||||||
|
EXPOSE 53
|
||||||
|
CMD ["nsd", "-d"]
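Review bot: `EXPOSE 53` declares only 53/tcp, because Docker assumes TCP when no protocol is given, while most DNS queries arrive over UDP; `EXPOSE 53/udp 53/tcp` makes the image metadata match the service. The same line is kept in the unbound Dockerfile changed by this commit. Separately, `apk --no-cache add nsd` installs whichever package version the alpine:3.4 repository serves at build time, so two builds of this file can ship different nsd versions; pin the package version if reproducible images matter here.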
|
|
@ -0,0 +1,8 @@
|
||||||
|
server:
|
||||||
|
server-count: 1
|
||||||
|
pidfile: "/var/run/nsd.pid"
|
||||||
|
|
||||||
|
verbosity: 1
|
||||||
|
hide-version: yes
|
||||||
|
|
||||||
|
statistics: 3600
|
|
@ -0,0 +1,23 @@
|
||||||
|
server:
|
||||||
|
verbosity: 2
|
||||||
|
statistics-interval: 3600
|
||||||
|
|
||||||
|
interface: 0.0.0.0
|
||||||
|
|
||||||
|
# accept anything, firewall your ports!
|
||||||
|
access-control: 0.0.0.0/0 allow
|
||||||
|
logfile: ""
|
||||||
|
log-time-ascii: yes
|
||||||
|
log-queries: yes
|
||||||
|
|
||||||
|
root-hints: /etc/unbound/root.hints
|
||||||
|
trust-anchor-file: "/usr/share/dnssec-root/trusted-key.key"
|
||||||
|
include: /etc/unbound/localzone.conf.new
|
||||||
|
|
||||||
|
domain-insecure: 168.192.in-addr.arpa.
|
||||||
|
private-address: 192.168.0.0/16
|
||||||
|
local-zone: "168.192.in-addr.arpa." nodefault
|
||||||
|
|
||||||
|
forward-zone:
|
||||||
|
name: "168.192.in-addr.arpa."
|
||||||
|
forward-host: nsd.mock.zknt.org.
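Review bot: `access-control: 0.0.0.0/0 allow` together with `interface: 0.0.0.0` turns this into an open recursive resolver as soon as port 53 is published, and the only safeguard is the comment asking the operator to firewall it. Restrict the allow list to the clients that should use it, for example `access-control: 127.0.0.0/8 allow` plus one line for the compose network (`access-control: <compose-subnet>/<prefix> allow`, placeholder), and let everything else fall through to unbound's default refuse. `log-queries: yes` also records every client's query names in the log, so keep it only if that is wanted for this mock setup. `domain-insecure` disables DNSSEC validation for the reverse zone; a one-line comment saying the forwarded zone is unsigned would explain why.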
|
|
@ -1,6 +1,8 @@
|
||||||
FROM alpine:3.4
|
FROM alpine:3.4
|
||||||
RUN apk --no-cache add unbound &&\
|
RUN apk --no-cache add unbound perl &&\
|
||||||
unbound-anchor
|
unbound-anchor
|
||||||
COPY unbound.conf /etc/unbound/unbound.conf
|
COPY unbound.conf /etc/unbound/unbound.conf
|
||||||
|
COPY build-unbound-localzone-from-hosts.pl /
|
||||||
|
COPY entrypoint.sh /
|
||||||
EXPOSE 53
|
EXPOSE 53
|
||||||
CMD ["unbound", "-d"]
|
CMD ["/entrypoint.sh", "-d"]
|
||||||
|
|
|
@ -0,0 +1,67 @@
|
||||||
|
#!/usr/bin/perl -WT
|
||||||
|
|
||||||
|
use strict;
|
||||||
|
use warnings;
|
||||||
|
|
||||||
|
my $hostsfile = '/etc/hosts';
|
||||||
|
my $localzonefile = '/etc/unbound/localzone.conf.new';
|
||||||
|
|
||||||
|
my $localzone = 'example.com';
|
||||||
|
|
||||||
|
open( HOSTS,"<${hostsfile}" ) or die( "Could not open ${hostsfile}: $!" );
|
||||||
|
open( ZONE,">${localzonefile}" ) or die( "Could not open ${localzonefile}: $!" );
|
||||||
|
|
||||||
|
print ZONE "server:\n\n";
|
||||||
|
print ZONE "local-zone: \"${localzone}\" transparent\n\n";
|
||||||
|
|
||||||
|
my %ptrhash;
|
||||||
|
|
||||||
|
while ( my $hostline = <HOSTS> ) {
|
||||||
|
|
||||||
|
# Skip comments
|
||||||
|
if ( $hostline !~ "^#" and $hostline !~ '^\s+$' ) {
|
||||||
|
|
||||||
|
my @entries = split( /\s+/, $hostline );
|
||||||
|
|
||||||
|
my $ip;
|
||||||
|
|
||||||
|
my $count = 0;
|
||||||
|
foreach my $entry ( @entries ) {
|
||||||
|
if ( $count == 0 ) {
|
||||||
|
$ip = $entry;
|
||||||
|
} else {
|
||||||
|
|
||||||
|
if ( $count == 1) {
|
||||||
|
|
||||||
|
# Only return localhost for 127.0.0.1 and ::1
|
||||||
|
if ( ($ip ne '127.0.0.1' and $ip ne '::1') or $entry =~ 'localhost' ) {
|
||||||
|
if ( ! defined $ptrhash{$ip} ) {
|
||||||
|
$ptrhash{$ip} = $entry;
|
||||||
|
print ZONE "local-data-ptr: \"$ip $entry\"\n";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
# Use AAAA for IPv6 addresses
|
||||||
|
my $a = 'A';
|
||||||
|
if ( $ip =~ ':' ) {
|
||||||
|
$a = 'AAAA';
|
||||||
|
}
|
||||||
|
|
||||||
|
print ZONE "local-data: \"$entry ${a} $ip\"\n";
|
||||||
|
|
||||||
|
}
|
||||||
|
$count++;
|
||||||
|
}
|
||||||
|
print ZONE "\n";
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
__END__
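Review bot: Fields read from /etc/hosts are written into the generated unbound config without any validation, so a trailing comment on a hosts line (`10.0.0.1 host # note`) is emitted as the names `#` and `note`, and a `"` inside a field breaks the quoting of the `local-data` line. Taint mode does not help, since `-T` does not check data passed to `print`. Both handles are barewords opened with two-argument `open`, and ZONE is never closed, so a failed write goes unnoticed. The sketch below strips comments, checks the address and names against anchored patterns, and closes the output with an error check; `my $a` is also better renamed (for example `$rrtype`) because `$a` is Perl's sort variable.

```perl
open( my $hosts, '<', $hostsfile ) or die( "Could not open ${hostsfile}: $!" );
open( my $zone, '>', $localzonefile ) or die( "Could not open ${localzonefile}: $!" );
# … unchanged: header lines and %ptrhash, printing to $zone instead of ZONE …
while ( my $hostline = <$hosts> ) {
    $hostline =~ s/#.*//;                       # drop full-line and trailing comments
    my ( $ip, @names ) = split( ' ', $hostline );
    next unless defined $ip and $ip =~ /\A[0-9A-Fa-f:.]+\z/;
    @names = grep { /\A[A-Za-z0-9._-]+\z/ } @names;
    # … unchanged: PTR / A / AAAA emission, iterating over @names …
}
close( $zone ) or die( "Could not write ${localzonefile}: $!" );
```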
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
/usr/bin/perl -T /build-unbound-localzone-from-hosts.pl
|
||||||
|
/usr/sbin/unbound $@
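Review bot: A failure of the zone generator on the first command is ignored, so unbound is started against whatever /etc/unbound/localzone.conf.new was left behind, possibly a truncated file; add `set -e` after the shebang. The last line should be `exec /usr/sbin/unbound "$@"`: the quotes keep arguments intact, and `exec` makes unbound the container's main process so it receives the stop signal directly instead of the shell.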
|
|
@ -11,3 +11,4 @@ server:
|
||||||
|
|
||||||
root-hints: /etc/unbound/root.hints
|
root-hints: /etc/unbound/root.hints
|
||||||
trust-anchor-file: "/usr/share/dnssec-root/trusted-key.key"
|
trust-anchor-file: "/usr/share/dnssec-root/trusted-key.key"
|
||||||
|
include: /etc/unbound/localzone.conf.new
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
$ORIGIN 168.192.in-addr.arpa.
|
||||||
|
$TTL 1800
|
||||||
|
@ IN SOA ns1.mock.zknt.org. hostmaster.zknt.org. (
|
||||||
|
2014070201 ; serial number
|
||||||
|
3600 ; refresh
|
||||||
|
900 ; retry
|
||||||
|
1209600 ; expire
|
||||||
|
1800 ; ttl
|
||||||
|
)
|
||||||
|
IN NS ns1.mock.zknt.org.
|
||||||
|
|
||||||
|
1.0 IN PTR foo.bar.
|