1
0
Fork 0
mirror of https://github.com/sujiba/pihole-unbound-hyperlocal.git synced 2025-07-10 13:55:12 +02:00

V.2022.04.1

This commit is contained in:
sujiba 2023-05-04 01:33:02 +02:00
parent decac2e099
commit f6b63afdc2
3 changed files with 18 additions and 10 deletions

View file

@ -1,5 +1,5 @@
# Get the latest Pi-hole version # Get the latest Pi-hole version
FROM pihole/pihole:2022.02.1 FROM pihole/pihole:2022.04.1
# Install necessary programs # Install necessary programs
RUN apt-get update && \ RUN apt-get update && \
@ -10,12 +10,17 @@ RUN apt-get update && \
# Additional configs # Additional configs
# unbound # unbound
COPY unbound-v1.9_pihole.conf /etc/unbound/unbound.conf.d/pihole.conf # COPY unbound-v1.9_pihole.conf /etc/unbound/unbound.conf.d/pihole.conf
COPY unbound-v1.13.1_pihole.conf /etc/unbound/unbound.conf.d/pihole.conf
# Download the DNS-Root-Zone. Change owner and move it to the right directory # Download the DNS-Root-Zone.
# Create the chroot directory.
# Copy / move files and change owner.
RUN wget -O root.hints https://www.internic.net/domain/named.root && \ RUN wget -O root.hints https://www.internic.net/domain/named.root && \
mv root.hints /var/lib/unbound/ && \ mkdir /usr/local/etc/unbound && \
chown unbound:unbound /var/lib/unbound/root.hints cp /var/lib/unbound/root.key /usr/local/etc/unbound/root.key && \
mv root.hints /usr/local/etc/unbound/ && \
chown -R unbound:unbound /usr/local/etc/unbound/root.*
# Unbound startup script # Unbound startup script
COPY start_unbound_and_s6_init.sh start_unbound_and_s6_init.sh COPY start_unbound_and_s6_init.sh start_unbound_and_s6_init.sh

View file

@ -1 +1 @@
2022.02.1 2022.04.1

View file

@ -1,8 +1,8 @@
server: server:
########################################################################### ###########################################################################
# BASIC SETTINGS # BASIC SETTINGS
########################################################################### ###########################################################################
# Listen to for queries from clients and answer from this network interface # Listen to for queries from clients and answer from this network interface
# and port. # and port.
interface: 127.0.0.1 interface: 127.0.0.1
@ -16,8 +16,11 @@ server:
# and for *native* IPv6 # and for *native* IPv6
prefer-ip6: no prefer-ip6: no
# Enable DNSSEC
auto-trust-anchor-file: "/usr/local/etc/unbound/root.key"
# where to find root server data # where to find root server data
root-hints: /var/lib/unbound/root.hints root-hints: "/usr/local/etc/unbound/root.hints"
# Reduce EDNS reassembly buffer size. # Reduce EDNS reassembly buffer size.
# Suggested by the unbound man page to reduce fragmentation reassembly problems # Suggested by the unbound man page to reduce fragmentation reassembly problems
@ -104,7 +107,7 @@ server:
# Enable chroot (i.e, change apparent root directory for the current # Enable chroot (i.e, change apparent root directory for the current
# running process and its children) # running process and its children)
#chroot: "/etc/unbound" chroot: "/usr/local/etc/unbound/"
# Deny queries of type ANY with an empty response. # Deny queries of type ANY with an empty response.
deny-any: yes deny-any: yes