Difference between revisions of "Personal DNS Docker Solution"
Michael.mast (talk | contribs) |
Michael.mast (talk | contribs) |
||
Line 52: | Line 52: | ||
</pre> | </pre> | ||
− | == | + | ==Map Storage and ports== |
<ref>https://docs.docker.com/storage/bind-mounts/#start-a-container-with-a-bind-mount</ref>So far so good. It was nice to see the latest version listed as my current instance was 4.2.3. Now I needed to shutdown everything, and re-run the container mounting the following | <ref>https://docs.docker.com/storage/bind-mounts/#start-a-container-with-a-bind-mount</ref>So far so good. It was nice to see the latest version listed as my current instance was 4.2.3. Now I needed to shutdown everything, and re-run the container mounting the following | ||
*/nxfilter/backup | */nxfilter/backup | ||
Line 61: | Line 61: | ||
docker run -itd --name nxfilter1 -v /raid5/services/nxfilter/backup:/nxfilter/backup -v /raid5/services/nxfilter/db:/nxfilter/db -v /raid5/services/nxfilter/log:/nxfilter/log -p 53:53/udp -p 80:80 -p 443:443 a23f0f927739 | docker run -itd --name nxfilter1 -v /raid5/services/nxfilter/backup:/nxfilter/backup -v /raid5/services/nxfilter/db:/nxfilter/db -v /raid5/services/nxfilter/log:/nxfilter/log -p 53:53/udp -p 80:80 -p 443:443 a23f0f927739 | ||
</pre> | </pre> | ||
+ | At the same time I mapped relevant ports. For now I am passing through the ports from the host IP since that was what I did previously. Eventually I want to set this up to bridge to my LAN so I free up the ports for other things. | ||
+ | ==PiHole== | ||
+ | Now the fun part. I want pihole to be the upstream to NXFilter, it seems to have better adblocking capabilities. |
Revision as of 14:03, 3 November 2018
Purpose
In order to further learn Docker (for the first time essentially) wanted to create a multi-tier solution to "optimizing" my home DNS solution.
Initially I am thinking
Router -> NXFilter -> PiHole -> OpenDNS
Since I am not interested in tracking what device queries which domain, I prefer to use my Ubiquiti Edgrouter as the prefered DNS server for my home network. This makes it easy to swap upstream servers without having to monkey with DHCP.
Process
Going to play with the packetworks version of nxfilter docker image first. If it doesn't work for me I will build my own. I would like to mount the existing database and logs into the container to keep setup as minimal as possible. After all, docker images are made to be disposable.
docker pull docker.io/packetworks/nxfilter-base docker run -itd docker.io/packetworks/nxfilter-base docker exec -it c675111bd776 bash ## . ## ## ## == ## ## ## ## === /""""""""""""""""\___/ === ~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ / ===- ~~~ \______ o __/ \ \ __/ \____\______/ ___ _ ____ __ < /_________(_)__ ____ ________ / __ \____ _____/ /_____ _____ / / ___/ ___/ / _ \/ __ \/ ___/ _ \ / / / / __ \/ ___/ //_/ _ \/ ___/ / (__ ) /__/ / __/ / / / /__/ __/ / /_/ / /_/ / /__/ ,< / __/ / /_/____/\___/_/\___/_/ /_/\___/\___/ /_____/\____/\___/_/|_|\___/_/ Alpine Linux 3.1 image. (Linux 4.4.0-77-generic #98-Ubuntu SMP Wed Apr 26 08:34:02 UTC 2017) - with Java(TM) SE Runtime Environment (build 1.7.0_80-b15) oot@~ > cat /etc/os-release NAME="Alpine Linux" ID=alpine VERSION_ID=3.1.4 PRETTY_NAME="Alpine Linux v3.1" HOME_URL="http://alpinelinux.org" BUG_REPORT_URL="http://bugs.alpinelinux.org" root@~ > head /nxfilter/readme.txt ***************************************************************** NxFilter v4.3.2.7 Author : Jinhee Lee Homepage : http://www.nxfilter.org Contact : support@nxfilter.org ***************************************************************** NxFilter is a property of Jahastech.
Map Storage and ports
[1]So far so good. It was nice to see the latest version listed as my current instance was 4.2.3. Now I needed to shutdown everything, and re-run the container mounting the following
- /nxfilter/backup
- /nxfilter/db
- /nxfilter/log
to my primary storage backend.
docker run -itd --name nxfilter1 -v /raid5/services/nxfilter/backup:/nxfilter/backup -v /raid5/services/nxfilter/db:/nxfilter/db -v /raid5/services/nxfilter/log:/nxfilter/log -p 53:53/udp -p 80:80 -p 443:443 a23f0f927739
At the same time I mapped relevant ports. For now I am passing through the ports from the host IP since that was what I did previously. Eventually I want to set this up to bridge to my LAN so I free up the ports for other things.
PiHole
Now the fun part. I want pihole to be the upstream to NXFilter, it seems to have better adblocking capabilities.