Difference between revisions of "Personal DNS Docker Solution"

From Michael's Information Zone
Jump to navigation Jump to search
Line 52: Line 52:
  
 
</pre>
 
</pre>
==Mount Storage==
+
==Map Storage and ports==
 
<ref>https://docs.docker.com/storage/bind-mounts/#start-a-container-with-a-bind-mount</ref>So far so good. It was nice to see the latest version listed as my current instance was 4.2.3. Now I needed to shutdown everything, and re-run the container mounting the following
 
<ref>https://docs.docker.com/storage/bind-mounts/#start-a-container-with-a-bind-mount</ref>So far so good. It was nice to see the latest version listed as my current instance was 4.2.3. Now I needed to shutdown everything, and re-run the container mounting the following
 
*/nxfilter/backup
 
*/nxfilter/backup
Line 61: Line 61:
 
docker run -itd --name nxfilter1 -v /raid5/services/nxfilter/backup:/nxfilter/backup -v /raid5/services/nxfilter/db:/nxfilter/db -v /raid5/services/nxfilter/log:/nxfilter/log -p 53:53/udp -p 80:80 -p 443:443 a23f0f927739
 
docker run -itd --name nxfilter1 -v /raid5/services/nxfilter/backup:/nxfilter/backup -v /raid5/services/nxfilter/db:/nxfilter/db -v /raid5/services/nxfilter/log:/nxfilter/log -p 53:53/udp -p 80:80 -p 443:443 a23f0f927739
 
</pre>
 
</pre>
 +
At the same time I mapped relevant ports. For now I am passing through the ports from the host IP since that was what I did previously. Eventually I want to set this up to bridge to my LAN so I free up the ports for other things.
 +
==PiHole==
 +
Now the fun part. I want pihole to be the upstream to NXFilter, it seems to have better adblocking capabilities.

Revision as of 14:03, 3 November 2018

Purpose

In order to further learn Docker (for the first time essentially) wanted to create a multi-tier solution to "optimizing" my home DNS solution.

Initially I am thinking

Router -> NXFilter -> PiHole -> OpenDNS

Since I am not interested in tracking what device queries which domain, I prefer to use my Ubiquiti Edgrouter as the prefered DNS server for my home network. This makes it easy to swap upstream servers without having to monkey with DHCP.

Process

Going to play with the packetworks version of nxfilter docker image first. If it doesn't work for me I will build my own. I would like to mount the existing database and logs into the container to keep setup as minimal as possible. After all, docker images are made to be disposable.

docker pull docker.io/packetworks/nxfilter-base
docker run -itd docker.io/packetworks/nxfilter-base
docker exec -it c675111bd776 bash
                                        ##        .
                                  ## ## ##       ==
                               ## ## ## ##      ===
                           /""""""""""""""""\___/ ===
                      ~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ /  ===- ~~~
                           \______ o          __/
                             \    \        __/
                              \____\______/
   ___          _                         ____             __
  <  /_________(_)__  ____  ________     / __ \____  _____/ /_____  _____
  / / ___/ ___/ / _ \/ __ \/ ___/ _ \   / / / / __ \/ ___/ //_/ _ \/ ___/
 / (__  ) /__/ /  __/ / / / /__/  __/  / /_/ / /_/ / /__/ ,< /  __/ /
/_/____/\___/_/\___/_/ /_/\___/\___/  /_____/\____/\___/_/|_|\___/_/
Alpine Linux 3.1 image. (Linux 4.4.0-77-generic #98-Ubuntu SMP Wed Apr 26 08:34:02 UTC 2017)
- with Java(TM) SE Runtime Environment (build 1.7.0_80-b15)

oot@~ > cat /etc/os-release 
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.1.4
PRETTY_NAME="Alpine Linux v3.1"
HOME_URL="http://alpinelinux.org"
BUG_REPORT_URL="http://bugs.alpinelinux.org"

root@~ > head /nxfilter/readme.txt 
*****************************************************************
NxFilter v4.3.2.7
  Author : Jinhee Lee
  Homepage : http://www.nxfilter.org
  Contact : support@nxfilter.org
*****************************************************************

NxFilter is a property of Jahastech.

Map Storage and ports

[1]So far so good. It was nice to see the latest version listed as my current instance was 4.2.3. Now I needed to shutdown everything, and re-run the container mounting the following

  • /nxfilter/backup
  • /nxfilter/db
  • /nxfilter/log

to my primary storage backend.

docker run -itd --name nxfilter1 -v /raid5/services/nxfilter/backup:/nxfilter/backup -v /raid5/services/nxfilter/db:/nxfilter/db -v /raid5/services/nxfilter/log:/nxfilter/log -p 53:53/udp -p 80:80 -p 443:443 a23f0f927739

At the same time I mapped relevant ports. For now I am passing through the ports from the host IP since that was what I did previously. Eventually I want to set this up to bridge to my LAN so I free up the ports for other things.

PiHole

Now the fun part. I want pihole to be the upstream to NXFilter, it seems to have better adblocking capabilities.