docker-compose部署
主节点192.168.31.219
| Code Block | ||
|---|---|---|
| ||
cat /data/dns/docker-compose.yml version: "3"
services:
dns-server:
container_name: dns
hostname: dns1
image: technitium/dns-server:latest
network_mode: "host"
# ports:
# - "5380:5380/tcp" #DNS web console (HTTP)
# # - "53443:53443/tcp" #DNS web console (HTTPS)
# - "53:53/udp" #DNS service
# - "53:53/tcp" #DNS service
# # - "853:853/udp" #DNS-over-QUIC service
# # - "853:853/tcp" #DNS-over-TLS service
# # - "443:443/udp" #DNS-over-HTTPS service (HTTP/3)
# # - "443:443/tcp" #DNS-over-HTTPS service (HTTP/1.1, HTTP/2)
# # - "80:80/tcp" #DNS-over-HTTP service (use with reverse proxy or certbot certificate renewal)
# # - "8053:8053/tcp" #DNS-over-HTTP service (use with reverse proxy)
# # - "67:67/udp" #DHCP service
environment:
- DNS_SERVER_DOMAIN=dns1 #The primary domain name used by this DNS Server to identify itself.
- DNS_SERVER_ADMIN_PASSWORD=Uenpay2023 #DNS web console admin user password.
# - DNS_SERVER_ADMIN_PASSWORD_FILE=password.txt #The path to a file that contains a plain text password for the DNS web console admin user.
- DNS_SERVER_PREFER_IPV6=false #DNS Server will use IPv6 for querying whenever possible with this option enabled.
# - DNS_SERVER_WEB_SERVICE_HTTP_PORT=5380 #The TCP port number for the DNS web console over HTTP protocol.
# - DNS_SERVER_WEB_SERVICE_HTTPS_PORT=53443 #The TCP port number for the DNS web console over HTTPS protocol.
# - DNS_SERVER_WEB_SERVICE_ENABLE_HTTPS=false #Enables HTTPS for the DNS web console.
# - DNS_SERVER_WEB_SERVICE_USE_SELF_SIGNED_CERT=false #Enables self signed TLS certificate for the DNS web console.
# - DNS_SERVER_OPTIONAL_PROTOCOL_DNS_OVER_HTTP=false #Enables DNS server optional protocol DNS-over-HTTP on TCP port 8053 to be used with a TLS terminating reverse proxy like nginx.
# - DNS_SERVER_RECURSION=AllowOnlyForPrivateNetworks #Recursion options: Allow, Deny, AllowOnlyForPrivateNetworks, UseSpecifiedNetworks.
# - DNS_SERVER_RECURSION_DENIED_NETWORKS=1.1.1.0/24 #Comma separated list of IP addresses or network addresses to deny recursion. Valid only for `UseSpecifiedNetworks` recursion option.
# - DNS_SERVER_RECURSION_ALLOWED_NETWORKS=127.0.0.1, 192.168.31.0/24 #Comma separated list of IP addresses or network addresses to allow recursion. Valid only for `UseSpecifiedNetworks` recursion option.
# - DNS_SERVER_ENABLE_BLOCKING=false #Sets the DNS server to block domain names using Blocked Zone and Block List Zone.
# - DNS_SERVER_ALLOW_TXT_BLOCKING_REPORT=false #Specifies if the DNS Server should respond with TXT records containing a blocked domain report for TXT type requests.
# - DNS_SERVER_BLOCK_LIST_URLS= #A comma separated list of block list URLs.
- DNS_SERVER_FORWARDERS=223.5.5.5, 223.6.6.6
# - DNS_SERVER_FORWARDER_PROTOCOL=Udp #Forwarder protocol options: Udp, Tcp, Tls, Https, HttpsJson.
- DNS_SERVER_LOG_USING_LOCAL_TIME=true
volumes:
- /etc/localtime:/etc/localtime:ro
- /data/dns/data:/etc/dns
restart: unless-stopped
# sysctls:
# - net.ipv4.ip_local_port_range=1024 65000 |
从节点192.168.31.222
| Code Block | ||
|---|---|---|
| ||
version: "3"
services:
dns-server:
container_name: dns
hostname: dns2
image: technitium/dns-server:latest
network_mode: "host"
# ports:
# - "5380:5380/tcp" #DNS web console (HTTP)
# # - "53443:53443/tcp" #DNS web console (HTTPS)
# - "53:53/udp" #DNS service
# - "53:53/tcp" #DNS service
# # - "853:853/udp" #DNS-over-QUIC service
# # - "853:853/tcp" #DNS-over-TLS service
# # - "443:443/udp" #DNS-over-HTTPS service (HTTP/3)
# # - "443:443/tcp" #DNS-over-HTTPS service (HTTP/1.1, HTTP/2)
# # - "80:80/tcp" #DNS-over-HTTP service (use with reverse proxy or certbot certificate renewal)
# # - "8053:8053/tcp" #DNS-over-HTTP service (use with reverse proxy)
# # - "67:67/udp" #DHCP service
environment:
- DNS_SERVER_DOMAIN=dns1 #The primary domain name used by this DNS Server to identify itself.
- DNS_SERVER_ADMIN_PASSWORD=Uenpay2023 #DNS web console admin user password.
# - DNS_SERVER_ADMIN_PASSWORD_FILE=password.txt #The path to a file that contains a plain text password for the DNS web console admin user.
- DNS_SERVER_PREFER_IPV6=false #DNS Server will use IPv6 for querying whenever possible with this option enabled.
# - DNS_SERVER_WEB_SERVICE_HTTP_PORT=5380 #The TCP port number for the DNS web console over HTTP protocol.
# - DNS_SERVER_WEB_SERVICE_HTTPS_PORT=53443 #The TCP port number for the DNS web console over HTTPS protocol.
# - DNS_SERVER_WEB_SERVICE_ENABLE_HTTPS=false #Enables HTTPS for the DNS web console.
# - DNS_SERVER_WEB_SERVICE_USE_SELF_SIGNED_CERT=false #Enables self signed TLS certificate for the DNS web console.
# - DNS_SERVER_OPTIONAL_PROTOCOL_DNS_OVER_HTTP=false #Enables DNS server optional protocol DNS-over-HTTP on TCP port 8053 to be used with a TLS terminating reverse proxy like nginx.
# - DNS_SERVER_RECURSION=AllowOnlyForPrivateNetworks #Recursion options: Allow, Deny, AllowOnlyForPrivateNetworks, UseSpecifiedNetworks.
# - DNS_SERVER_RECURSION_DENIED_NETWORKS=1.1.1.0/24 #Comma separated list of IP addresses or network addresses to deny recursion. Valid only for `UseSpecifiedNetworks` recursion option.
# - DNS_SERVER_RECURSION_ALLOWED_NETWORKS=127.0.0.1, 192.168.31.0/24 #Comma separated list of IP addresses or network addresses to allow recursion. Valid only for `UseSpecifiedNetworks` recursion option.
# - DNS_SERVER_ENABLE_BLOCKING=false #Sets the DNS server to block domain names using Blocked Zone and Block List Zone.
# - DNS_SERVER_ALLOW_TXT_BLOCKING_REPORT=false #Specifies if the DNS Server should respond with TXT records containing a blocked domain report for TXT type requests.
# - DNS_SERVER_BLOCK_LIST_URLS= #A comma separated list of block list URLs.
- DNS_SERVER_FORWARDERS=223.5.5.5, 223.6.6.6
# - DNS_SERVER_FORWARDER_PROTOCOL=Udp #Forwarder protocol options: Udp, Tcp, Tls, Https, HttpsJson.
- DNS_SERVER_LOG_USING_LOCAL_TIME=true
volumes:
- /etc/localtime:/etc/localtime:ro
- /data/dns/data:/etc/dns
restart: unless-stopped
# sysctls:
# - net.ipv4.ip_local_port_range=1024 65000 |
...