crazy-max / docker-unbound Goto Github PK
View Code? Open in Web Editor NEWUnbound Docker image
License: MIT License
Unbound Docker image
License: MIT License
Thank you for making an unbound image with tls support..
docker run --name crazymax-unbound \
--network=host \
-v /etc/unbound/crazymax:/config \
crazymax/unbound
dropped in my old config.. and moved on..
I'll see what it takes to update to 1.17.1 and alpine 3.17.1 as an exercise..
thank you for your time and effort.
(Alma linux apparently has 1.16.x has some crazy startup lag that I cannot overcome.. ) I got knot-resolver going.. but the logging is not the same as unbound..
Anyway, thank you.
ubound should start with custom unbound.conf
unbound fails to start
docker --version
) : 20:10:14docker-compose --version
) : 1.29.1uname -a
) : Linux localserver 5.13.0-39-generic #44~20.04.1-Ubuntu SMP Thu Mar 24 16:43:35 UTC 2022 x86_64 x86_64 x86_64 GNU/Linuxdocker-compose.yml
, .env
, ... unbound:
hostname: unbound
image: crazymax/unbound
container_name: unbound
restart: always
volumes:
- "${docker}/unbound/config:/config:ro"
ports:
- 5053:5053/tcp
- 5053:5053/udp
user: 1000:1000
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.8.1-docker)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 96
Running: 94
Paused: 0
Stopped: 2
Images: 100
Server Version: 20.10.14
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 3df54a852345ae127d1fa3092b95168e4a88e2f8
runc version: v1.0.3-0-gf46b6ba
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 5.13.0-39-generic
Operating System: Ubuntu 20.04.4 LTS
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 31.12GiB
Name: localserver
ID: TJE6:MOTK:7QFB:G52G:LXBZ:GLLL:4YWV:ZXPR:ASEF:4H5O:Z3DZ:67G2
Docker Root Dir: /var/lib/docker
Debug Mode: false
Username: user1
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
osu.registry:5000
127.0.0.0/8
Live Restore Enabled: false
/config/unbound.conf:1: error: too many include files
/config/unbound.conf:32: error: too many include files
/config/unbound.conf:32: error: too many include files
read /etc/unbound/unbound.conf failed: 3 errors in configuration file
[1649184966] unbound[1:0] fatal error: Could not read config file: /etc/unbound/unbound.conf. Maybe try unbound -dd, it stays on the commandline to see more errors, or unbound-checkconf
Hi Crazy-Max. First of all THANK YOU for an amazing image. This is the only docker image I could get working properly :).
QQ: Would you be able to include the cachedb option into a future release?
The Cache DB module must be configured in the module-config: "validator
cachedb iterator" directive and be compiled into the daemon with --en-
able-cachedb. If this module is enabled and configured, the specified
backend database works as a second level cache: When Unbound cannot
find an answer to a query in its built-in in-memory cache, it consults
the specified backend. If it finds a valid answer in the backend, Un-
bound uses it to respond to the query without performing iterative DNS
resolution. If Unbound cannot even find an answer in the backend, it
resolves the query as usual, and stores the answer in the backend.
The main reason for this is it allows you to keep a persistent DB that survives reboots / image updates and means you don’t have to rebuild it all again.
Thanks,
Lammi
Hi` Crazy-Max! Thanks for pushing the redis support. My image updated today but I’m getting the following error:
Error loading shared library libhiredis.so. 1.0.0: No such file or directory (needed by /us/sbin/unbound-checkconf)’
Error relocating /us/sbin/unbound -checkconf freeReolvobiect: symbol not found
Error relocating us sin unbound-checkcont: redisconnectwithtimeout: symbol not found
Error relocating /us/sbin/unbound-checkconf redisFree: svmbol not found
redisCommand: symbol not found
Do you know what might be missing? Do I need to map a new volume in compose?
unbound | [1670938176] unbound[1:0] info: failed to prime trust anchor -- could not fetch DNSKEY rrset . DNSKEY IN
unbound | [1670938190] unbound[1:0] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
unbound | [1670938190] unbound[1:0] notice: ssl handshake failed 1.0.0.1 port 853
unbound | [1670938190] unbound[1:0] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
unbound | [1670938190] unbound[1:0] notice: ssl handshake failed 1.0.0.1 port 853
unbound | [1670938190] unbound[1:0] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
unbound | [1670938190] unbound[1:0] notice: ssl handshake failed 1.1.1.1 port 853
unbound | [1670938190] unbound[1:0] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
unbound | [1670938190] unbound[1:0] notice: ssl handshake failed 1.1.1.1 port 853
Tell me what happens instead
docker --version
) : Docker version 20.10.12, build 20.10.12-0ubuntu2~20.04.1docker-compose --version
) : Docker Compose version v2.14.0uname -a
) : Linux adguard 5.15.0-56-generic #62~20.04.1-Ubuntu SMP Tue Nov 22 21:24:20 UTC 2022 x86_64 x86_64 x86_64 GNU/Linuxdocker-compose.yml
, .env
, ... unbound:
image: crazymax/unbound
container_name: unbound
depends_on:
- redis
ports:
- target: 5053
published: 5053
protocol: tcp
- target: 5053
published: 5053
protocol: udp
volumes:
- "/opt/unbound/config:/config:ro"
restart: always
redis:
image: redis:6-alpine
container_name: unbound-redis
command: redis-server --save 60 1
volumes:
- "/opt/redis:/data"
restart: always
forward-zone:
name: "."
forward-tls-upstream: yes
# cloudflare-dns.com
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
#forward-addr: 9.9.9.9@853#dns.quad9.net
#forward-addr: 149.112.112.112@853#dns.quad9.net
#forward-addr: 2606:4700:4700::1111@853
#forward-addr: 2606:4700:4700::1001@853
Client:
Context: default
Debug Mode: false
Server:
Containers: 4
Running: 0
Paused: 0
Stopped: 4
Images: 4
Server Version: 20.10.12
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version:
runc version:
init version:
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 5.15.0-56-generic
Operating System: Ubuntu 20.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.719GiB
Name: adguard
ID: 3KH4:W2Y7:XGRJ:B5N2:7XY6:N3Z3:7SWI:Z5RT:YUJP:76XY:ENE2:ZLGQ
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
### Logs
Container logs (set LOG_LEVEL to debug if applicable)
Hi! The Docker image is not updated to the latest released unbound version. It'd be great if you could merge the cache-db branch to the master. I've been using that branch without any issues for some time.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.