-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
56 lines (44 loc) · 1.66 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# 使用 Ubuntu 22.04 作为基础镜像
FROM ubuntu:22.04
# 备份原始的 sources.list 文件
RUN cp /etc/apt/sources.list /etc/apt/sources.list.bak
# 替换为指定的镜像源(这里以清华大学镜像源为例)
RUN sed -i 's/archive.ubuntu.com/mirrors.tuna.tsinghua.edu.cn/g' /etc/apt/sources.list
# 更新系统包并安装必要的工具和依赖项
RUN apt-get update && \
apt-get install -y wget unzip dnsutils build-essential libssl-dev \
libexpat1-dev flex bison libevent-dev && \
# 下载并解压 Unbound 源代码
wget https://github.com/NLnetLabs/unbound/archive/refs/tags/release-1.19.1.zip && \
mkdir unbound && \
unzip release-1.19.1.zip -d /unbound && \
cd /unbound/unbound-release-1.19.1 && \
# 编译并安装 Unbound
./configure && \
make && \
make install && \
ldconfig && \
# # 清理无用文件以减小镜像体积
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# 添加 unbound 用户
RUN adduser --system --no-create-home --group unbound
# 复制 data 文件夹的内容到 /usr/local/etc/unbound/
COPY data/ /usr/local/etc/unbound/
# 配置 Unbound
WORKDIR /usr/local/etc/unbound/
RUN cp unbound.conf unbound.conf.example &&\
cp unbound.conf.exploit unbound.conf
RUN pwd
RUN mkdir -p var && \
chmod 777 var && \
touch unbound.log && \
chmod 777 unbound.log && \
touch var/root.key && \
chmod 777 var/root.key
# unbound-anchor 返回非0退出代码
RUN unbound-anchor -a ./var/root.key || true
# 暴露默认 DNS 端口
EXPOSE 53/tcp 53/udp
# 设置容器启动时的默认命令为 shell
CMD ["/bin/bash"]