Adding unbound as dns resolver

master
Patrick Oberdorf 7 years ago
parent 31b887807a
commit d0f759acca
No known key found for this signature in database
GPG Key ID: C0BF912B1FBDA1CD

@ -0,0 +1,14 @@
FROM alpine:edge
RUN apk add --no-cache unbound curl \
&& curl -o /etc/unbound/root.hints https://www.internic.net/domain/named.cache \
&& chown root:unbound /etc/unbound \
&& chmod 775 /etc/unbound \
&& apk del --no-cache curl \
&& /usr/sbin/unbound-anchor -a /etc/unbound/trusted-key.key | true
COPY unbound.conf /etc/unbound/unbound.conf
EXPOSE 53/udp 53/tcp
CMD /usr/sbin/unbound

@ -0,0 +1,19 @@
server:
verbosity: 1
interface: 0.0.0.0
interface: ::0
logfile: /dev/stdout
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes
do-daemonize: no
access-control: 0.0.0.0/0 allow
directory: "/etc/unbound"
username: unbound
auto-trust-anchor-file: trusted-key.key
root-hints: "/etc/unbound/root.hints"
hide-identity: yes
hide-version: yes
max-udp-size: 4096
msg-buffer-size: 65552

@ -21,6 +21,9 @@ SECRET_KEY=ChangeMeChangeMe
BIND_ADDRESS4=127.0.0.1 BIND_ADDRESS4=127.0.0.1
BIND_ADDRESS6=::1 BIND_ADDRESS6=::1
# Internal Docker network
IPV4_NETWORK=172.22.1
# Main mail domain # Main mail domain
DOMAIN=mailu.io DOMAIN=mailu.io

@ -1,4 +1,4 @@
version: '2' version: '2.1'
services: services:
@ -27,12 +27,37 @@ services:
- "$BIND_ADDRESS6:587:587" - "$BIND_ADDRESS6:587:587"
volumes: volumes:
- "$ROOT/certs:/certs" - "$ROOT/certs:/certs"
depends_on:
- unbound
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
backend:
aliases:
- front
unbound:
image: mailu/unbound:$VERSION
restart: always
networks:
backend:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.254
aliases:
- unbound
redis: redis:
image: redis:alpine image: redis:alpine
restart: always restart: always
volumes: volumes:
- "$ROOT/redis:/data" - "$ROOT/redis:/data"
dns:
- ${IPV4_NETWORK:-172.22.1}.254
depends_on:
- unbound
networks:
backend:
aliases:
- redis
imap: imap:
image: mailu/dovecot:$VERSION image: mailu/dovecot:$VERSION
@ -44,6 +69,13 @@ services:
- "$ROOT/overrides:/overrides" - "$ROOT/overrides:/overrides"
depends_on: depends_on:
- front - front
- unbound
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
backend:
aliases:
- imap
smtp: smtp:
image: mailu/postfix:$VERSION image: mailu/postfix:$VERSION
@ -54,6 +86,13 @@ services:
- "$ROOT/overrides:/overrides" - "$ROOT/overrides:/overrides"
depends_on: depends_on:
- front - front
- unbound
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
backend:
aliases:
- smtp
antispam: antispam:
image: mailu/rspamd:$VERSION image: mailu/rspamd:$VERSION
@ -65,6 +104,13 @@ services:
- "$ROOT/overrides/rspamd:/etc/rspamd/override.d" - "$ROOT/overrides/rspamd:/etc/rspamd/override.d"
depends_on: depends_on:
- front - front
- unbound
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
backend:
aliases:
- antispam
antivirus: antivirus:
image: mailu/$ANTIVIRUS:$VERSION image: mailu/$ANTIVIRUS:$VERSION
@ -72,6 +118,14 @@ services:
env_file: .env env_file: .env
volumes: volumes:
- "$ROOT/filter:/data" - "$ROOT/filter:/data"
depends_on:
- unbound
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
backend:
aliases:
- antivirus
webdav: webdav:
image: mailu/$WEBDAV:$VERSION image: mailu/$WEBDAV:$VERSION
@ -79,6 +133,14 @@ services:
env_file: .env env_file: .env
volumes: volumes:
- "$ROOT/dav:/data" - "$ROOT/dav:/data"
depends_on:
- unbound
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
backend:
aliases:
- webdav
admin: admin:
image: mailu/admin:$VERSION image: mailu/admin:$VERSION
@ -90,6 +152,13 @@ services:
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
depends_on: depends_on:
- redis - redis
- unbound
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
backend:
aliases:
- admin
webmail: webmail:
image: "mailu/$WEBMAIL:$VERSION" image: "mailu/$WEBMAIL:$VERSION"
@ -99,6 +168,13 @@ services:
- "$ROOT/webmail:/data" - "$ROOT/webmail:/data"
depends_on: depends_on:
- imap - imap
- unbound
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
backend:
aliases:
- webmail
fetchmail: fetchmail:
image: mailu/fetchmail:$VERSION image: mailu/fetchmail:$VERSION
@ -106,3 +182,19 @@ services:
env_file: .env env_file: .env
volumes: volumes:
- "$ROOT/data:/data" - "$ROOT/data:/data"
depends_on:
- unbound
dns:
- ${IPV4_NETWORK:-172.22.1}.254
networks:
backend:
aliases:
- fetchmail
networks:
backend:
driver: bridge
ipam:
driver: default
config:
- subnet: ${IPV4_NETWORK:-172.22.1}.0/24

Loading…
Cancel
Save