# our chosen base image
-FROM debian:10-slim AS builder
+FROM debian:11-slim AS builder
ENV NO_LUA_JIT="s390x arm64"
--with-lua=${LUAVER} \
--sysconfdir=/etc/powerdns \
--enable-option-checking=fatal \
- --with-dynmodules='bind geoip gmysql godbc gpgsql gsqlite3 ldap lmdb lua2 pipe random remote tinydns' \
+ --with-dynmodules='bind geoip gmysql godbc gpgsql gsqlite3 ldap lmdb lua2 pipe remote tinydns' \
--enable-tools \
--enable-ixfrdist \
--with-unixodbc-lib=/usr/lib/$(dpkg-architecture -q DEB_BUILD_GNU_TYPE) && \
dpkg-deb -I equivs-dummy_1.0_all.deb && cp equivs-dummy_1.0_all.deb /build/tmp/
# Runtime
-FROM debian:10-slim
+FROM debian:11-slim
# Reusable layer for base update - Should be cached from builder
RUN apt-get update && apt-get -y dist-upgrade && apt-get clean
# Ensure python3 and jinja2 is present (for startup script), and sqlite3 (for db schema), and tini (for signal management),
-# and vim (for pdnsutil edit-zone)
-RUN apt-get install -y python3 python3-jinja2 sqlite3 tini libcap2-bin vim-tiny && apt-get clean
+# and vim (for pdnsutil edit-zone) , and supervisor (for special use cases requiring advanced process management)
+RUN apt-get install -y python3 python3-jinja2 sqlite3 tini libcap2-bin vim-tiny supervisor && apt-get clean
# Output from builder
COPY --from=builder /build /
RUN chmod 1777 /tmp # FIXME: better not use /build/tmp for equivs at all
-RUN setcap 'cap_net_bind_service=+eip' /usr/local/sbin/pdns_server
# Ensure dependencies are present
-RUN apt install -y /tmp/equivs-dummy_1.0_all.deb && apt clean
+RUN apt-get install -y /tmp/equivs-dummy_1.0_all.deb && apt-get clean
# Start script
COPY dockerdata/startup.py /usr/local/sbin/pdns_server-startup
# Set up database - this needs to be smarter
RUN sqlite3 /var/lib/powerdns/pdns.sqlite3 < /usr/local/share/doc/pdns/schema.sqlite3.sql
-# DNS ports
+# Default DNS ports
EXPOSE 53/udp
EXPOSE 53/tcp
-# webserver port
+# Default webserver port
EXPOSE 8081/tcp
ENTRYPOINT ["/usr/bin/tini", "--", "/usr/local/sbin/pdns_server-startup"]