36 lines
1.1 KiB
Docker
36 lines
1.1 KiB
Docker
FROM debian:trixie-slim
|
|
|
|
# install make for building config files, pdns-server and bind backend for serving zones
|
|
ENV DEBIAN_FRONTEND=noninteractive
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
make \
|
|
pdns-server pdns-backend-bind pdns-backend-sqlite3 \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# install configuration files, create necessary directories
|
|
WORKDIR /etc/powerdns
|
|
RUN rm -rf pdns.d && rm -f named.conf
|
|
RUN mkdir -p db pdns.d /var/run/pdns
|
|
COPY pdns.conf pdns.conf
|
|
COPY zones pri
|
|
|
|
# build additional config files from templates (tpl)
|
|
COPY primary tpl
|
|
COPY primary/Makefile .
|
|
RUN make
|
|
|
|
# cleanup
|
|
RUN rm -rf tpl Makefile
|
|
|
|
# User permissions (pdns)
|
|
RUN chown pdns db /var/run/pdns
|
|
|
|
# DNSSEC (primary only)
|
|
USER pdns
|
|
RUN pdnsutil create-bind-db /etc/powerdns/db/bind-dnssec-db.sqlite3
|
|
RUN pdnsutil secure-all-zones
|
|
RUN cd pri && for i in *; do pdnsutil set-nsec3 $i "1 1 5 $(od -N16 -x < /dev/urandom | head -n1 | cut -b9- | sed 's/ //gi')"; done
|
|
RUN pdnsutil rectify-all-zones
|
|
|
|
CMD ["pdns_server", "--guardian=no", "--daemon=no", "--loglevel=10", "--webserver=no"]
|