add technitium.dns.server manifest

technitium.dns.server/docker-compose.yml

@@ -0,0 +1,46 @@
+version: "3.9"
+
+services:
+
+  # configure host machine (setting up custom dns server address):
+  # https://devilbox.readthedocs.io/en/latest/howto/dns/add-custom-dns-server-on-linux.html
+
+  dns-server:
+    container_name: dns-server
+    hostname: dns-server.00x097
+    image: technitium/dns-server:11.0.3
+    # For DHCP deployments, use "host" network mode and remove all the port mappings, including the ports array by commenting them
+    # network_mode: "host"
+    ports:
+      - "5380:5380/tcp" #DNS web console (HTTP)
+      # - "53443:53443/tcp" #DNS web console (HTTPS)
+      - "53:53/udp" #DNS service
+      - "53:53/tcp" #DNS service
+      # - "853:853/udp" #DNS-over-QUIC service
+      # - "853:853/tcp" #DNS-over-TLS service
+      # - "443:443/udp" #DNS-over-HTTPS service (HTTP/3)
+      # - "443:443/tcp" #DNS-over-HTTPS service (HTTP/1.1, HTTP/2)
+      # - "80:80/tcp" #DNS-over-HTTP service (use with reverse proxy or certbot certificate renewal)
+      # - "8053:8053/tcp" #DNS-over-HTTP service (use with reverse proxy)
+      # - "67:67/udp" #DHCP service      
+    environment:
+      DNS_SERVER_DOMAIN: dns-server.00x097 #The primary domain name used by this DNS Server to identify itself.
+      # DNS_SERVER_ADMIN_PASSWORD: password #DNS web console admin user password.
+      # DNS_SERVER_ADMIN_PASSWORD_FILE: password.txt #The path to a file that contains a plain text password for the DNS web console admin user.
+      # DNS_SERVER_PREFER_IPV6: false #DNS Server will use IPv6 for querying whenever possible with this option enabled.
+      # DNS_SERVER_OPTIONAL_PROTOCOL_DNS_OVER_HTTP: false #Enables DNS server optional protocol DNS-over-HTTP on TCP port 8053 to be used with a TLS terminating reverse proxy like nginx.
+      # DNS_SERVER_RECURSION: AllowOnlyForPrivateNetworks #Recursion options: Allow, Deny, AllowOnlyForPrivateNetworks, UseSpecifiedNetworks.
+      # DNS_SERVER_RECURSION_DENIED_NETWORKS: 1.1.1.0/24 #Comma separated list of IP addresses or network addresses to deny recursion. Valid only for `UseSpecifiedNetworks` recursion option.
+      # DNS_SERVER_RECURSION_ALLOWED_NETWORKS: 127.0.0.1, 192.168.1.0/24 #Comma separated list of IP addresses or network addresses to allow recursion. Valid only for `UseSpecifiedNetworks` recursion option.
+      # DNS_SERVER_ENABLE_BLOCKING: false #Sets the DNS server to block domain names using Blocked Zone and Block List Zone.
+      # DNS_SERVER_ALLOW_TXT_BLOCKING_REPORT: false #Specifies if the DNS Server should respond with TXT records containing a blocked domain report for TXT type requests.
+      # DNS_SERVER_BLOCK_LIST_URLS:  #A comma separated list of block list URLs.
+      # DNS_SERVER_FORWARDERS: 1.1.1.1, 8.8.8.8 #Comma separated list of forwarder addresses.
+      # DNS_SERVER_FORWARDER_PROTOCOL: Tcp #Forwarder protocol options: Udp, Tcp, Tls, Https, HttpsJson.
+      # DNS_SERVER_LOG_USING_LOCAL_TIME: true #Enable this option to use local time instead of UTC for logging.
+    volumes:
+      - ./volumes/dns-server/config:/etc/dns
+    restart: unless-stopped
+    sysctls:
+      - net.ipv4.ip_local_port_range=1024 65000
+