Updated Unbound to version `1.22.0` and improved Docker setup
Test / test_build (push) Successful in 4m13s Details
Release / build_push (push) Successful in 44s Details

master 1.22.0
Gertjan Krol 2025-01-16 23:52:08 +01:00
parent 89d1889e57
commit 8b055fb30f
6 changed files with 43 additions and 30 deletions

View File

@ -3,6 +3,12 @@ All notable changes to this project will be documented in this file.
## [Unreleased] ## [Unreleased]
## [1.22.0]
- Updated Unbound to version `1.22.0`
- Fixed configuration for local healthcheck record
- Added `bootstrap-image.sh` to clean up the `Dockerfile`
- Moved the entrypoint definition inline within the `Dockerfile`
## [1.21.0] ## [1.21.0]
- Updated Unbound to version `1.21.0` - Updated Unbound to version `1.21.0`

View File

@ -1,29 +1,11 @@
FROM alpine:3.15.5 FROM alpine:3.15.5
ARG UNBOUND_VERSION=1.22.0
ARG UNBOUND_VERSION=1.21.0 COPY bootstrap-image.sh /tmp/
RUN sh /tmp/bootstrap-image.sh -x && rm -rf /tmp/*
# Install dependencies and build unbound, clean up after
RUN apk --update add --no-cache alpine-sdk bison dns-root-hints expat-dev flex git openssl-dev && \
# Clone at given tag and build Unbound from source (https://github.com/NLnetLabs/unbound)
git clone --depth 1 --branch "release-${UNBOUND_VERSION}" https://github.com/NLnetLabs/unbound.git /tmp/unbound && \
cd /tmp/unbound && \
./configure && \
make && \
make install && \
# Clean up build dependencies
make clean && \
cd /srv && \
rm -rf /tmp/* && \
apk del alpine-sdk bison expat-dev flex git openssl-dev
# Prepare image
COPY entrypoint.sh /srv/
COPY healthcheck.sh /srv/ COPY healthcheck.sh /srv/
# Prepare unbound
RUN addgroup -S unbound && adduser -S -G unbound unbound
RUN mkdir -p /srv/unbound/conf
COPY unbound.conf /srv/unbound/unbound.conf COPY unbound.conf /srv/unbound/unbound.conf
HEALTHCHECK --interval=10s --timeout=1s --retries=1 CMD sh /srv/healthcheck.sh HEALTHCHECK --interval=10s --timeout=1s --retries=1 CMD ["sh", "/srv/healthcheck.sh"]
ENTRYPOINT ["sh", "/srv/entrypoint.sh"] ENTRYPOINT ["sh", "-c", "unbound -V && unbound -c /srv/unbound/unbound.conf -d"]

View File

@ -6,4 +6,4 @@ When starting a container, `cap_add` `NET_ADMIN` might be needed to allow the in
Options: Options:
- Add additional config files to the `/srv/unbound/conf` container directory - Add additional config files to the `/srv/unbound/conf` container directory
- Override the default config by mounting a `/srv/unbound/unbound.conf` file - Override the default config by mounting a `/srv/unbound/unbound.conf` file

30
bootstrap-image.sh Normal file
View File

@ -0,0 +1,30 @@
#!/bin/sh
set -e
# Refuse to run without -x
if [ "$1" != "-x" ]; then
exit 1
fi
# Upgrade packages & install dependencies
apk --no-cache update && apk --no-cache upgrade
apk --no-cache add alpine-sdk bison dns-root-hints expat-dev flex git openssl-dev
# Clone Unbound source at given tag
git clone --depth 1 --branch "release-${UNBOUND_VERSION}" https://github.com/NLnetLabs/unbound.git /tmp/unbound
cd /tmp/unbound
# Build Unbound
sh configure
make
make install
# Clean up dependencies
make clean
apk --purge del -r alpine-sdk bison expat-dev flex git openssl-dev
# Prepare Unbound
addgroup -S unbound
adduser -S -G unbound unbound
mkdir -p /srv/unbound/conf

View File

@ -1,5 +0,0 @@
#!/bin/sh
echo 'Starting unbound...'
unbound -V
unbound -c /srv/unbound/unbound.conf -d

View File

@ -59,5 +59,5 @@ server:
access-control: 0.0.0.0/0 allow access-control: 0.0.0.0/0 allow
# Record used for container healthcheck # Record used for container healthcheck
local-zone: "healthrecord.unbound" nodefault local-zone: "healthcheck.unbound" nodefault
local-data: "healthcheck.unbound. A 127.0.0.1" local-data: "healthcheck.unbound. A 127.0.0.1"