mirror of
https://github.com/casjaysdevdocker/ddns
synced 2026-06-24 14:01:05 -04:00
♻️ Migrate ddns to /config/ source-of-truth architecture ♻️
Migrate ddns Docker image to the new build-time config architecture. - rootfs/root/docker/setup/03-files.sh: rewrite to canonical form with /tmp/bin, /tmp/var, /tmp/etc, /tmp/usr handlers - rootfs/usr/local/etc/docker/functions/entrypoint.sh: update to latest template - rootfs/usr/local/etc/docker/init.d/*.sh: fix $(basename) UUOC; move inline comments above code lines - rootfs/tmp/etc/: add named, dhcp, nginx, tor, named.conf, radvd.conf configs deployed to /etc/ at build time - rootfs/tmp/usr/: add htdocs and named data files deployed to /usr/local/share/ at build time - rootfs/usr/local/share/template-files/: delete; config now deployed via /tmp/etc/ and /tmp/usr/ at build time rootfs/root/docker/setup/03-files.sh rootfs/tmp/ rootfs/usr/local/etc/docker/functions/entrypoint.sh rootfs/usr/local/share/template-files/config/dhcp/dhcpd4.conf rootfs/usr/local/share/template-files/config/dhcp/dhcpd6.conf rootfs/usr/local/share/template-files/config/env/default.sample rootfs/usr/local/share/template-files/config/env/examples/00-directory.sh rootfs/usr/local/share/template-files/config/env/examples/addresses.sh rootfs/usr/local/share/template-files/config/env/examples/certbot.sh rootfs/usr/local/share/template-files/config/env/examples/couchdb.sh rootfs/usr/local/share/template-files/config/env/examples/dockerd.sh rootfs/usr/local/share/template-files/config/env/examples/global.sh rootfs/usr/local/share/template-files/config/env/examples/healthcheck.sh rootfs/usr/local/share/template-files/config/env/examples/mariadb.sh rootfs/usr/local/share/template-files/config/env/examples/mongodb.sh rootfs/usr/local/share/template-files/config/env/examples/networking.sh rootfs/usr/local/share/template-files/config/env/examples/other.sh rootfs/usr/local/share/template-files/config/env/examples/php.sh rootfs/usr/local/share/template-files/config/env/examples/postgres.sh rootfs/usr/local/share/template-files/config/env/examples/redis.sh rootfs/usr/local/share/template-files/config/env/examples/services.sh rootfs/usr/local/share/template-files/config/env/examples/ssl.sh rootfs/usr/local/share/template-files/config/env/examples/supabase.sh rootfs/usr/local/share/template-files/config/env/examples/webservers.sh rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh rootfs/usr/local/share/template-files/config/.gitkeep rootfs/usr/local/share/template-files/config/named/certbot-update.conf rootfs/usr/local/share/template-files/config/named/common/001-soa.inc rootfs/usr/local/share/template-files/config/named/common/002-nameservers.inc rootfs/usr/local/share/template-files/config/named/common/003-dns.inc rootfs/usr/local/share/template-files/config/named.conf rootfs/usr/local/share/template-files/config/named/config/0000-logging.conf rootfs/usr/local/share/template-files/config/named/config/0001-rndc.conf rootfs/usr/local/share/template-files/config/named/config/0001-rndc.key rootfs/usr/local/share/template-files/config/named/config/0002-acl.conf rootfs/usr/local/share/template-files/config/named/hosted/host.ddns.conf rootfs/usr/local/share/template-files/config/named/hosted/ip.ddns.conf rootfs/usr/local/share/template-files/config/named/keys/managed-keys.bind rootfs/usr/local/share/template-files/config/named/zones/000-hint.conf rootfs/usr/local/share/template-files/config/named/zones/000-localdomain.zone rootfs/usr/local/share/template-files/config/named/zones/000-localhost.zone rootfs/usr/local/share/template-files/config/named/zones/000-tor.zone rootfs/usr/local/share/template-files/config/named/zones/001-ddns.zone rootfs/usr/local/share/template-files/config/nginx/mime.types rootfs/usr/local/share/template-files/config/nginx/nginx.conf rootfs/usr/local/share/template-files/config/nginx/nginx.ssl.conf rootfs/usr/local/share/template-files/config/radvd.conf rootfs/usr/local/share/template-files/config/tor/torrc rootfs/usr/local/share/template-files/data/.gitkeep rootfs/usr/local/share/template-files/data/htdocs/www/css/.gitkeep rootfs/usr/local/share/template-files/data/htdocs/www/images/.gitkeep rootfs/usr/local/share/template-files/data/htdocs/www/index.php rootfs/usr/local/share/template-files/data/htdocs/www/js/.gitkeep rootfs/usr/local/share/template-files/data/named/data/hint rootfs/usr/local/share/template-files/data/named/data/localdomain.conf rootfs/usr/local/share/template-files/data/named/data/localhost4.rev rootfs/usr/local/share/template-files/data/named/data/localhost6.rev rootfs/usr/local/share/template-files/data/named/data/localhost.zone rootfs/usr/local/share/template-files/data/named/dynamic/ddns.zone rootfs/usr/local/share/template-files/data/named/dynamic/inc/cnames.ddns.zone rootfs/usr/local/share/template-files/data/named/dynamic/inc/static.ipv4.arpa.rev rootfs/usr/local/share/template-files/data/named/dynamic/inc/static.ipv4.ddns.zone rootfs/usr/local/share/template-files/data/named/dynamic/inc/static.ipv6.arpa.rev rootfs/usr/local/share/template-files/data/named/dynamic/inc/static.ipv6.ddns.zone rootfs/usr/local/share/template-files/data/named/dynamic/inc/static.sso.ddns.zone rootfs/usr/local/share/template-files/data/named/master/.gitkeep rootfs/usr/local/share/template-files/data/named/reverse/in-addr.arpa.rev rootfs/usr/local/share/template-files/data/named/reverse/ip6.arpa.rev rootfs/usr/local/share/template-files/data/named/slaves/.gitkeep rootfs/usr/local/share/template-files/defaults/.gitkeep
This commit is contained in:
@@ -0,0 +1,8 @@
|
||||
#Certbot DNS
|
||||
dns_rfc2136_server = 127.0.0.1
|
||||
# TSIG key name
|
||||
dns_rfc2136_name = certbot.
|
||||
# TSIG key secret
|
||||
dns_rfc2136_secret = REPLACE_WITH_RNDC_KEY
|
||||
# TSIG key algorithm
|
||||
dns_rfc2136_algorithm = HMAC-MD5
|
||||
@@ -0,0 +1,9 @@
|
||||
;default soa records
|
||||
$TTL 38400 ; 10 hours 40 minutes
|
||||
@ IN SOA dns dns-admin (
|
||||
2021040901 ; serial
|
||||
10800 ; refresh (3 hours)
|
||||
3600 ; retry (1 hour)
|
||||
1209600 ; expire (2 weeks)
|
||||
38400 ; minimum (10 hours 40 minutes)
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
;default nameservers
|
||||
@ IN NS dns
|
||||
@@ -0,0 +1,8 @@
|
||||
;local dns
|
||||
dns IN A REPLACE_IPV4_ADDRESS
|
||||
dns IN AAAA REPLACE_IPV6_ADDRESS
|
||||
|
||||
default._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||
"p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWQ16IV4OzWniRotqTNUvuwO5KknZMm5F5cOQl+Ch20Zm5D3RSL27AcjGE8DXIlkADDG3jFoXKOPilmCyf6ikqDX9PwBpeveY6ugaASMl6DHK4PSGZby6EmFuNu59kIpPJXac7Wwvy7Kd5mWVTZBxQt3ersDf8KRzL+Akr0IE7DwIDAQAB" ) ;
|
||||
*.default._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||
"p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWQ16IV4OzWniRotqTNUvuwO5KknZMm5F5cOQl+Ch20Zm5D3RSL27AcjGE8DXIlkADDG3jFoXKOPilmCyf6ikqDX9PwBpeveY6ugaASMl6DHK4PSGZby6EmFuNu59kIpPJXac7Wwvy7Kd5mWVTZBxQt3ersDf8KRzL+Akr0IE7DwIDAQAB" ) ;
|
||||
@@ -0,0 +1,104 @@
|
||||
logging {
|
||||
# channel default {
|
||||
# file "/data/log/dns/default.log";
|
||||
# severity debug;
|
||||
# print-category yes;
|
||||
# print-severity yes;
|
||||
# print-time yes;
|
||||
# };
|
||||
# category lame-servers {
|
||||
# default;
|
||||
# };
|
||||
# category dispatch {
|
||||
# default;
|
||||
# };
|
||||
# category network {
|
||||
# default;
|
||||
# };
|
||||
# category unmatched {
|
||||
# default;
|
||||
# };
|
||||
# category client {
|
||||
# default;
|
||||
# };
|
||||
# category resolver {
|
||||
# default;
|
||||
# };
|
||||
# category config {
|
||||
# default;
|
||||
# };
|
||||
# category database {
|
||||
# default;
|
||||
# };
|
||||
# category general {
|
||||
# default;
|
||||
# };
|
||||
# category default {
|
||||
# default;
|
||||
# };
|
||||
|
||||
channel security {
|
||||
file "/data/log/dns/default.log";
|
||||
severity dynamic;
|
||||
print-severity yes;
|
||||
print-time yes;
|
||||
};
|
||||
category security {
|
||||
security;
|
||||
};
|
||||
category dnssec {
|
||||
security;
|
||||
};
|
||||
|
||||
channel xfer-in {
|
||||
file "/data/log/dns/default.log";
|
||||
severity info;
|
||||
print-category yes;
|
||||
print-severity yes;
|
||||
print-time yes;
|
||||
};
|
||||
category xfer-in {
|
||||
xfer-in;
|
||||
};
|
||||
channel xfer-out {
|
||||
file "/data/log/dns/default.log";
|
||||
severity info;
|
||||
print-category yes;
|
||||
print-severity yes;
|
||||
print-time yes;
|
||||
};
|
||||
category xfer-out {
|
||||
xfer-out;
|
||||
};
|
||||
|
||||
channel update {
|
||||
file "/data/log/dns/default.log";
|
||||
severity info;
|
||||
print-category yes;
|
||||
print-severity yes;
|
||||
print-time yes;
|
||||
};
|
||||
category update {
|
||||
update;
|
||||
};
|
||||
|
||||
channel notify {
|
||||
file "/data/log/dns/default.log";
|
||||
severity info;
|
||||
print-category yes;
|
||||
print-severity yes;
|
||||
print-time yes;
|
||||
};
|
||||
category notify {
|
||||
notify;
|
||||
};
|
||||
|
||||
channel querylog {
|
||||
file "/data/log/dns/default.log";
|
||||
severity info;
|
||||
print-time yes;
|
||||
};
|
||||
category queries {
|
||||
querylog;
|
||||
};
|
||||
};
|
||||
@@ -0,0 +1,3 @@
|
||||
controls {
|
||||
inet 127.0.0.1 allow { trusted; } keys { "rndc-key"; };
|
||||
};
|
||||
@@ -0,0 +1,4 @@
|
||||
key "rndc-key" {
|
||||
algorithm hmac-md5;
|
||||
secret "REPLACE_WITH_RNDC_KEY";
|
||||
};
|
||||
@@ -0,0 +1,10 @@
|
||||
acl "trusted" {
|
||||
127.0.0.0/8;
|
||||
10.0.0.0/8;
|
||||
172.0.0.0/12;
|
||||
192.168.0.0/16;
|
||||
::1/128;
|
||||
2001:db8:edfa:1234::/64;
|
||||
localhost;
|
||||
localnets;
|
||||
};
|
||||
@@ -0,0 +1,5 @@
|
||||
;host info
|
||||
@ HINFO "HP DL360" "CentOS"
|
||||
* HINFO "HP DL360" "CentOS"
|
||||
@ IN TXT "Hosted on REPLACE_DOMAIN"
|
||||
* IN TXT "Hosted on REPLACE_DOMAIN"
|
||||
@@ -0,0 +1,5 @@
|
||||
;default server
|
||||
@ IN A REPLACE_IPV4_ADDRESS
|
||||
* IN A REPLACE_IPV4_ADDRESS
|
||||
@ IN AAAA REPLACE_IPV6_ADDRESS
|
||||
* IN AAAA REPLACE_IPV6_ADDRESS
|
||||
@@ -0,0 +1,33 @@
|
||||
$ORIGIN .
|
||||
$TTL 0 ; 0 seconds
|
||||
@ IN SOA . . (
|
||||
1930 ; serial
|
||||
0 ; refresh (0 seconds)
|
||||
0 ; retry (0 seconds)
|
||||
0 ; expire (0 seconds)
|
||||
0 ; minimum (0 seconds)
|
||||
)
|
||||
KEYDATA 20201227202202 20180303084353 19700101000000 257 3 8 (
|
||||
AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQ
|
||||
bSEW0O8gcCjFFVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh
|
||||
/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWA
|
||||
JQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaDX6RS6CXp
|
||||
oY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3
|
||||
LQpzW5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGO
|
||||
Yl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8ONGc
|
||||
LmqrAmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0=
|
||||
) ; KSK; alg = RSASHA256; key id = 19036
|
||||
; next refresh: Sun, 27 Dec 2020 20:22:02 GMT
|
||||
; trusted since: Sat, 03 Mar 2018 08:43:53 GMT
|
||||
KEYDATA 20201227202202 20180303084353 19700101000000 257 3 8 (
|
||||
AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTO
|
||||
iW1vkIbzxeF3+/4RgWOq7HrxRixHlFlExOLAJr5emLvN
|
||||
7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5
|
||||
LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF0jLHwVN8
|
||||
efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7
|
||||
pr+eoZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLY
|
||||
A4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnXGXws
|
||||
9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU=
|
||||
) ; KSK; alg = RSASHA256; key id = 20326
|
||||
; next refresh: Sun, 27 Dec 2020 20:22:02 GMT
|
||||
; trusted since: Sat, 03 Mar 2018 08:43:53 GMT
|
||||
@@ -0,0 +1,4 @@
|
||||
zone "." in {
|
||||
type hint;
|
||||
file "data/hint";
|
||||
};
|
||||
@@ -0,0 +1,6 @@
|
||||
zone "local" {
|
||||
type master;
|
||||
file "data/localdomain.conf";
|
||||
allow-update { trusted; };
|
||||
allow-transfer { trusted; };
|
||||
};
|
||||
@@ -0,0 +1,14 @@
|
||||
zone "localhost" {
|
||||
type master;
|
||||
file "data/localhost.zone";
|
||||
};
|
||||
|
||||
zone "0.0.127.in-addr.arpa" {
|
||||
type master;
|
||||
file "data/localhost4.rev";
|
||||
};
|
||||
|
||||
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
|
||||
type master;
|
||||
file "data/localhost6.rev";
|
||||
};
|
||||
@@ -0,0 +1,10 @@
|
||||
zone "onion" {
|
||||
type forward;
|
||||
forward only;
|
||||
forwarders { 127.0.0.1 port 8053; };
|
||||
};
|
||||
zone "exit" {
|
||||
type forward;
|
||||
forward only;
|
||||
forwarders { 127.0.0.1 port 8053; };
|
||||
};
|
||||
@@ -0,0 +1,21 @@
|
||||
zone "REPLACE_DOMAIN" {
|
||||
type master;
|
||||
file "dynamic/ddns.zone";
|
||||
allow-update { trusted; };
|
||||
allow-transfer { trusted; };
|
||||
};
|
||||
|
||||
zone "in-addr.arpa" {
|
||||
type master;
|
||||
file "reverse/in-addr.arpa.rev";
|
||||
allow-update { trusted; };
|
||||
allow-transfer { trusted; };
|
||||
|
||||
};
|
||||
|
||||
zone "ip6.arpa" {
|
||||
type master;
|
||||
file "reverse/ip6.arpa.rev";
|
||||
allow-update { trusted; };
|
||||
allow-transfer { trusted; };
|
||||
};
|
||||
Reference in New Issue
Block a user