FROM alpine:edge
-MAINTAINER Marek Vavrusa <marek.vavrusa@nic.cz>
+MAINTAINER Knot Resolver team <knot-resolver-users@lists.nic.cz>
# Environment
ENV BUILD_PKGS build-base automake autoconf libtool pkgconfig git luajit-dev libuv-dev gnutls-dev jansson-dev userspace-rcu-dev curl vim bsd-compat-headers
-ENV RUN_PKGS luajit libuv gnutls jansson bash
+ENV RUN_PKGS luajit libuv gnutls jansson bash libstdc++ lua5.1-cqueues lua5.1-http lua5.1-sec lua5.1-socket
ENV BUILD_IGNORE gmp nettle jansson gnutls lua libuv cmocka
ENV PKG_CONFIG_PATH /usr/local/lib/pkgconfig
ENV CFLAGS -O2 -ftree-vectorize -fstack-protector -g
ENV LDFLAGS -Wl,--as-needed
-# Expose port
-EXPOSE 53
+# export DNS over UDP & TCP, DNS-over-TLS, web interface
+EXPOSE 53/UDP 53/TCP 853/TCP 8053/TCP
# Select entrypoint
WORKDIR /data
-CMD ["/usr/local/sbin/kresd"]
+COPY "config.docker" "/data"
+CMD ["/usr/local/sbin/kresd", "-c", "/data/config.docker"]
# Install dependencies and sources
RUN \
+apk add -t lua5.1-compat5.3 lua5.1-compat53 && \
apk --update add ${RUN_PKGS} && \
apk add --virtual build-dep ${BUILD_PKGS} && \
git clone --depth 1 --recurse-submodules=modules/policy/lua-aho-corasick \
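Review bot: The added `apk add -t lua5.1-compat5.3 lua5.1-compat53` is the first apk call in the layer, but `--update` only appears on the following `apk --update add ${RUN_PKGS}` line. A stock Alpine base image ships without a cached package index, so this first call will probably fail to resolve the package. Moving the flag up fixes it: `apk --update add -t lua5.1-compat5.3 lua5.1-compat53 && \`. Separately, `COPY "config.docker" "/data"` sits above the RUN, so every config edit invalidates the cached build layer; placing it after the RUN avoids that. The RUN instruction continues past the end of this hunk.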
--- /dev/null
+-- Refer to manual: https://knot-resolver.readthedocs.io/en/latest/daemon.html#configuration
+
+-- Listen on all interfaces (localhost would not work in Docker)
+net.listen('0.0.0.0')
+net.listen('0.0.0.0', {tls=true})
+
+-- Auto-maintain root TA
+trust_anchors.file = '/data/root.keys'
+
+-- Load Useful modules
+modules = {
+ 'policy', -- Block queries to local zones/bad sites
+ 'stats', -- Track internal statistics
+ -- Load HTTP module with defaults
+ http = {
+ host = '0.0.0.0',
+ port = 8053,
+ }
+}
+
+-- Smaller cache size
+cache.size = 10 * MB
+
+function print_help()
+ print('\nUsage\n'
+ .. '=====\n'
+ .. 'Run this container using command:\n'
+ .. '$ docker run -Pti cznic/knot-resolver\n'
+ .. '\n'
+ .. 'Docker will map ports 53, 853, and 8053 to some other numbers, see\n'
+ .. '$ docker ps\n'
+ .. '(column PORTS)\n'
+ .. '80 -> DNS protocol over UDP and TCP\n'
+ .. '853 -> DNS-over-TLS protocol\n'
+ .. '8053 -> web interface\n'
+ .. '\n'
+ .. 'For verbose logging enter following command to prompt below:\n'
+ .. 'verbose(true)\n')
+end
+print_help()
+event.after(11000, print_help)
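Review bot: The usage text recommends `docker run -Pti`, which publishes every exposed port on all host interfaces, while this config binds plain DNS, DNS-over-TLS and the HTTP module to `0.0.0.0` with no access restriction visible in the file. Anyone who can reach the host can then use the resolver and the web interface on 8053, and a resolver open to the internet can be abused for DNS amplification. I would add a comment above `net.listen` such as `-- NOTE: publishing these ports exposes an open resolver and the web UI; bind to loopback on the host (-p 127.0.0.1:8053:8053) or firewall them`, and have `print_help` show loopback-bound `-p` mappings instead of `-P`. The port list in `print_help` also says `'80 -> DNS protocol over UDP and TCP\n'`, which should read `53` to match `net.listen` and the EXPOSE line.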