crazy-max / docker-unbound Goto Github PK

View Code? Open in Web Editor NEW

47.0 5.0 9.0 99 KB

Unbound Docker image

License: MIT License

Dockerfile 86.35% HCL 13.65%

docker unbound dns-server dnssec alpine-linux

docker-unbound's Issues

Just thank you for the tls support..

Thank you for making an unbound image with tls support..

docker run --name crazymax-unbound \
    --network=host \
   -v /etc/unbound/crazymax:/config \
    crazymax/unbound

dropped in my old config.. and moved on..

I'll see what it takes to update to 1.17.1 and alpine 3.17.1 as an exercise..

thank you for your time and effort.

(Alma linux apparently has 1.16.x has some crazy startup lag that I cannot overcome.. ) I got knot-resolver going.. but the logging is not the same as unbound..

Anyway, thank you.

Behaviour

Steps to reproduce this issue

Create config folder on docker host
docker-compose -d up
docker cp unbound:/etc/unbound/unbound.conf . (to config folder)
docker restart unbound

Expected behaviour

ubound should start with custom unbound.conf

Actual behaviour

unbound fails to start

Configuration

Docker version (type docker --version) : 20:10:14
Docker compose version if applicable (type docker-compose --version) : 1.29.1
Platform (Debian 9, Ubuntu 18.04, ...) : Ubuntu 20.04
System info (type uname -a) : Linux localserver 5.13.0-39-generic #44~20.04.1-Ubuntu SMP Thu Mar 24 16:43:35 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Include all necessary configuration files : docker-compose.yml, .env, ...

Docker-compose

  unbound:
    hostname: unbound
    image: crazymax/unbound
    container_name: unbound
    restart: always
    volumes:
      - "${docker}/unbound/config:/config:ro"
    ports:
      - 5053:5053/tcp
      - 5053:5053/udp
    user: 1000:1000

Docker info

Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Docker Buildx (Docker Inc., v0.8.1-docker)
  scan: Docker Scan (Docker Inc., v0.17.0)

Server:
 Containers: 96
  Running: 94
  Paused: 0
  Stopped: 2
 Images: 100
 Server Version: 20.10.14
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 3df54a852345ae127d1fa3092b95168e4a88e2f8
 runc version: v1.0.3-0-gf46b6ba
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 5.13.0-39-generic
 Operating System: Ubuntu 20.04.4 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 31.12GiB
 Name: localserver
 ID: TJE6:MOTK:7QFB:G52G:LXBZ:GLLL:4YWV:ZXPR:ASEF:4H5O:Z3DZ:67G2
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Username: user1
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  osu.registry:5000
  127.0.0.0/8
 Live Restore Enabled: false

Logs

/config/unbound.conf:1: error: too many include files
/config/unbound.conf:32: error: too many include files
/config/unbound.conf:32: error: too many include files
read /etc/unbound/unbound.conf failed: 3 errors in configuration file
[1649184966] unbound[1:0] fatal error: Could not read config file: /etc/unbound/unbound.conf. Maybe try unbound -dd, it stays on the commandline to see more errors, or unbound-checkconf

CacheDB compile

Hi Crazy-Max. First of all THANK YOU for an amazing image. This is the only docker image I could get working properly :).

QQ: Would you be able to include the cachedb option into a future release?

The Cache DB module must be configured in the module-config: "validator
cachedb iterator" directive and be compiled into the daemon with --en-
able-cachedb. If this module is enabled and configured, the specified
backend database works as a second level cache: When Unbound cannot
find an answer to a query in its built-in in-memory cache, it consults
the specified backend. If it finds a valid answer in the backend, Un-
bound uses it to respond to the query without performing iterative DNS
resolution. If Unbound cannot even find an answer in the backend, it
resolves the query as usual, and stores the answer in the backend.

The main reason for this is it allows you to keep a persistent DB that survives reboots / image updates and means you don’t have to rebuild it all again.

Thanks,

Lammi

Issue with latest update

Hi` Crazy-Max! Thanks for pushing the redis support. My image updated today but I’m getting the following error:

Error loading shared library libhiredis.so. 1.0.0: No such file or directory (needed by /us/sbin/unbound-checkconf)’
Error relocating /us/sbin/unbound -checkconf freeReolvobiect: symbol not found
Error relocating us sin unbound-checkcont: redisconnectwithtimeout: symbol not found
Error relocating /us/sbin/unbound-checkconf redisFree: svmbol not found
redisCommand: symbol not found

Do you know what might be missing? Do I need to map a new volume in compose?

handshake failed

Behaviour

Steps to reproduce this issue

start docker compose from the last version

Expected behaviour

unbound        | [1670938176] unbound[1:0] info: failed to prime trust anchor -- could not fetch DNSKEY rrset . DNSKEY IN
unbound        | [1670938190] unbound[1:0] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
unbound        | [1670938190] unbound[1:0] notice: ssl handshake failed 1.0.0.1 port 853
unbound        | [1670938190] unbound[1:0] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
unbound        | [1670938190] unbound[1:0] notice: ssl handshake failed 1.0.0.1 port 853
unbound        | [1670938190] unbound[1:0] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
unbound        | [1670938190] unbound[1:0] notice: ssl handshake failed 1.1.1.1 port 853
unbound        | [1670938190] unbound[1:0] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
unbound        | [1670938190] unbound[1:0] notice: ssl handshake failed 1.1.1.1 port 853

Actual behaviour

Tell me what happens instead

Configuration

Docker version (type docker --version) : Docker version 20.10.12, build 20.10.12-0ubuntu2~20.04.1
Docker compose version if applicable (type docker-compose --version) : Docker Compose version v2.14.0
Platform (Debian 9, Ubuntu 18.04, ...) : ubuntu 20.04
System info (type uname -a) : Linux adguard 5.15.0-56-generic #62~20.04.1-Ubuntu SMP Tue Nov 22 21:24:20 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Include all necessary configuration files : docker-compose.yml, .env, ...

  unbound:
    image: crazymax/unbound
    container_name: unbound
    depends_on:
      - redis
    ports:
      - target: 5053
        published: 5053
        protocol: tcp
      - target: 5053
        published: 5053
        protocol: udp
    volumes:
      - "/opt/unbound/config:/config:ro"
    restart: always

  redis:
    image: redis:6-alpine
    container_name: unbound-redis
    command: redis-server --save 60 1
    volumes:
      - "/opt/redis:/data"
    restart: always

forward-zone:
  name: "."
  forward-tls-upstream: yes

  # cloudflare-dns.com
  forward-addr: 1.1.1.1@853#cloudflare-dns.com
  forward-addr: 1.0.0.1@853#cloudflare-dns.com
  #forward-addr: 9.9.9.9@853#dns.quad9.net
  #forward-addr: 149.112.112.112@853#dns.quad9.net
  #forward-addr: 2606:4700:4700::1111@853
  #forward-addr: 2606:4700:4700::1001@853

Docker info

Client:
 Context:    default
 Debug Mode: false

Server:
 Containers: 4
  Running: 0
  Paused: 0
  Stopped: 4
 Images: 4
 Server Version: 20.10.12
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version:
 runc version:
 init version:
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 5.15.0-56-generic
 Operating System: Ubuntu 20.04.3 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 3.719GiB
 Name: adguard
 ID: 3KH4:W2Y7:XGRJ:B5N2:7XY6:N3Z3:7SWI:Z5RT:YUJP:76XY:ENE2:ZLGQ
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false


### Logs

Container logs (set LOG_LEVEL to debug if applicable)

Please update to latest version - Unbound 1.17.0

Hi! The Docker image is not updated to the latest released unbound version. It'd be great if you could merge the cache-db branch to the master. I've been using that branch without any issues for some time.

crazy-max / docker-unbound Goto Github PK

docker-unbound's Issues

Behaviour

Steps to reproduce this issue

Expected behaviour

Actual behaviour

Configuration

Docker-compose

Docker info

Logs

Behaviour

Steps to reproduce this issue

Expected behaviour

Actual behaviour

Configuration

Docker info

Recommend Projects

Recommend Topics

Recommend Org

Jobs