GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects β†’ MatthewVance β†’ stubby-docker

MatthewVance / stubby-docker

Licence: MIT license
Run Stubby without losing the performance benefits of having a local caching DNS resolver.

Programming Languages

shell
77523 projects
Dockerfile
14818 projects

Labels

dnsdockerunbounddns-over-tls

Projects that are alternatives of or similar to stubby-docker

AdGuard-WireGuard-Unbound-Cloudflare
The Ultimate Network Security Guide πŸ”’ Protection | πŸ”Ž Privacy | πŸš€ Performance on home network 24/7 πŸ•› Accessible anywhere 🌏
Stars: ✭ 160 (+113.33%)
Mutual labels:  unbound, dns-over-tls
dns-resolver-infra
Privacy DNS infrastructure
Stars: ✭ 39 (-48%)
Mutual labels:  unbound, dns-over-tls
uppersafe-osfw
UPPERSAFE Open Source Firewall
Stars: ✭ 21 (-72%)
Mutual labels:  unbound
dns-server-setup
Ansible playbook to easily deploy new, fully configured, DNS servers.
Stars: ✭ 48 (-36%)
Mutual labels:  dns-over-tls
raspbian10-buster
Raspbian 10 (Buster) Lite Setup: with Wireguard, Pi-hole, Unbound
Stars: ✭ 54 (-28%)
Mutual labels:  unbound
unbound-dns-firewall
DNS-Firewall Python script for UNBOUND
Stars: ✭ 23 (-69.33%)
Mutual labels:  unbound
node-dns-over-tls
DNS-over-TLS API for Node.js
Stars: ✭ 18 (-76%)
Mutual labels:  dns-over-tls
DoTH-DNS
Your server doth DNS the safe way if you use DoTH-DNS.
Stars: ✭ 26 (-65.33%)
Mutual labels:  unbound
Wireguard-DNScrypt-VPN-Server
Fast setup wireguard server script, with dnscrypt and adblocking, maleware blocking, more blocking if you need. Use case eg. always on vpn and adblocking on ios or android, and be more secured in unknown networks.
Stars: ✭ 48 (-36%)
Mutual labels:  unbound
wireguard-setup
WireGuard and Unbound setup with Packer and Terraform.
Stars: ✭ 55 (-26.67%)
Mutual labels:  unbound
UnboundBL
πŸ›‘ DNSBL (adblock) on OPNsense with UnboundBL & Unbound DNS
Stars: ✭ 63 (-16%)
Mutual labels:  unbound
Hosts Blocklists
Automatically updated, moderated and optimized lists for blocking ads, trackers, malware and other garbage
Stars: ✭ 1,749 (+2232%)
Mutual labels:  unbound
docker-mail-server
Ansible playbooks to deploy a full featured mail server stack using Docker.
Stars: ✭ 47 (-37.33%)
Mutual labels:  unbound
mailserver
Simple and full-featured mail server using Docker
Stars: ✭ 88 (+17.33%)
Mutual labels:  unbound
CyberSecurity-Box
Firewall-System based on OpenWRT or Pi-Hole with UnBound, TOR, optional Privoxy, opt. ntopng and opt. Configuration of the AVM FRITZ!Box with Presets for Security and Port-List. Please visit:
Stars: ✭ 20 (-73.33%)
Mutual labels:  unbound
pornhosts
Pornhosts a hosts-file formatted file of the RPZ zone file
Stars: ✭ 33 (-56%)
Mutual labels:  unbound
adblock-unbound
Build script to block ads for unbound
Stars: ✭ 32 (-57.33%)
Mutual labels:  unbound
AdGuardHome
Network-wide ads & trackers blocking DNS server
Stars: ✭ 16,027 (+21269.33%)
Mutual labels:  dns-over-tls
jp.tiar.app
jp.tiar.app
Stars: ✭ 28 (-62.67%)
Mutual labels:  dns-over-tls
mosdns-cn
A simple DNS forwarder that can make life easier.
Stars: ✭ 254 (+238.67%)
Mutual labels:  dns-over-tls
View All Similar Projects βž”

Unbound and Stubby Docker Images

What does this do?

This allows you to run Stubby without losing the performance benefits of having a local caching DNS resolver. Historically, Stubby had better DNS over TLS support than Unbound.

To achieve this, this setup uses two containers, one running Stubby and another running Unbound. Unbound exposes DNS over port 53 and forwards requests not in its cache to the Stubby container on port 8053 (not publically exposed). Stubby then performs DNS resolution over TLS. By default, this is configured to use Cloudflare DNS.

How to use

Building

sudo docker build -t mvance/stubby:latest .

sudo docker build -t mvance/unbound:1.13.1-stubby .

Standard usage

Run these containers with the following command:

docker-compose up -d

Next, point your DNS to the IP of your Docker host running the Unbound container.

Serve Custom DNS Records for Local Network

While Unbound is not a full authoritative name server, it supports resolving custom entries on a small, private LAN. In other words, you can use Unbound to resolve fake names such as your-computer.local within your LAN.

To support such custom entries using this image, you need to update the provided a-records.conf file. This conf file is where you will define your custom entries for forward and reverse resolution.

The a-records.conf file should use the following format:

# A Record
  #local-data: "somecomputer.local. A 192.168.1.1"
  local-data: β€œlaptop.local. A 192.168.1.2”

# PTR Record
  #local-data-ptr: "192.168.1.1 somecomputer.local."
  local-data-ptr: "192.168.1.2 laptop.local."

Use a customized Unbound configuration

Instead of using this image's default Unbound configuration, you may supply your own unbound.conf. See my unbound-docker README for further details. Note, you will likely want to apply the concepts from those directions via docker-compose.yml.

Issues

If you have any problems with or questions about this image, please contact me through a GitHub issue.

Contributing

You are invited to contribute new features, fixes, or updates, large or small. I imagine the upstream projects would be equally pleased to receive your contributions.

Please familiarize yourself with the repository's README.md file before attempting a pull request.

Before you start to code, I recommend discussing your plans through a GitHub issue, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.

Acknowledgments

These deserve credit for making this all possible.

Licenses

License

Unless otherwise specified, all code is released under the MIT License (MIT). See the repository's LICENSE file for details.

Licenses for other components

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].