私人DNS unbound + dnsmasq private-dns(docker)

type

Post

status

Published

date

Feb 12, 2020

slug

2020/02/12/1581509736920

summary

私人DNS unbound + dnsmasq private-dns(docker)

private-dns unbound + dnsmasq (docker)

dnsmasq and unbound private dns, use docker.

介绍

使用 docker-compose 进行容器编排，很大程度上减少了学习成本，做到了开箱即用，GitHub 项目地址：https://github.com/expoli/private-dns-docker。

你所需要做的就是准备好自己的 dns 域名和相对应的 ssl 证书，然后将文件放到相应的目录即可。

文件结构


.
├── dnsmasq.d
│   └── unbound.conf
├── docker-compose.yaml
└── unbound
    └── ssl
        ├── ssl-service-key.key
        └── ssl-service-pem.pem

启动

1. 克隆项目


git clone <https://github.com/expoli/private-dns-docker.git>

2. 将自己对应的 ssl 密钥放入


cp path/to/your_ssl.key ./unbound/ssl/ssl-service-key.key
cp path/to/your_ssl.pem ./unbound/ssl/ssl-service-pem.pem

3. 启动


docker-compose up -d

4. 查看启动日志


docker-compose logs

文件示例

docker-compose.yaml


version: "3"
services:
  dnsmasq:
    image: tangcuyu/dnsmasq-server:latest
    restart: always
    ports:
      - "53:53"
    depends_on:
      - "unbound"
    volumes:
      - ./dnsmasq.d/:/etc/dnsmasq.d/
    network_mode: host
    container_name: "dnsmasq-server"

  unbound:
    image: tangcuyu/unbound-server:latest
    restart: always
    ports:
      - "853:853"
    volumes:
      - ./unbound/ssl/:/etc/unbound/ssl/
    environment:
      - DNS_DOMAIN_NAME=your_private_dns_domain_name
      - THREADS_NUM=number_of_unbound_threads
    container_name: "unbound-server"
    network_mode: host
    cap_add:
      - SYS_ADMIN

dnsmasq/unbound.conf


# Redirect everything to unbound dns server
no-resolv
domain-needed
filterwin2k
no-poll
server=127.0.0.1#853
cache-size=4096
proxy-dnssec

dnsmasq-server 项目

https://github.com/expoli/dnsmasq-server.git

unbound-server 项目

https://github.com/expoli/unbound-server.git