LABEL cz.knot-resolver.vendor="CZ.NIC"
LABEL maintainer="knot-resolver-users@lists.nic.cz"
-# Export DNS over UDP & TCP, DNS-over-TLS, web interface
-EXPOSE 53/UDP 53/TCP 853/TCP 8053/TCP
+# Export DNS over UDP & TCP, DNS-over-HTTPS, DNS-over-TLS, web interface
+EXPOSE 53/UDP 53/TCP 443/TCP 853/TCP 8453/TCP
# Fetch Knot Resolver + Knot DNS libraries from build image
COPY --from=build /tmp/root/ /
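Review bot: The new `EXPOSE` line lists the management port 8453 alongside the DNS service ports, so `docker run -P` (the command the startup banner recommends in the later hunk) publishes the web interface on every host interface together with 53, 443 and 853. The config hunk binds that endpoint with `net.listen('0.0.0.0', 8453, { kind = 'webmgmt' })`, and no authentication or address restriction is visible in these lines, so anything that can reach the host can presumably reach the management interface. I would drop 8453 from `EXPOSE`, or at least document it above the instruction: `# 8453 is the management interface; publish it only to a trusted address, e.g. -p 127.0.0.1:8453:8453`. The banner text should carry the same caveat next to its `8453 -> web interface` line.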
-- Listen on all interfaces (localhost would not work in Docker)
net.listen('0.0.0.0')
-net.listen('0.0.0.0', 853, {tls=true})
+net.listen('0.0.0.0', 853, { kind = 'tls' })
+net.listen('0.0.0.0', 443, { kind = 'doh' })
+net.listen('0.0.0.0', 8453, { kind = 'webmgmt' })
-- To disable DNSSEC validation, uncomment the following line (not recommended)
-- trust_anchors.remove('.')
-- Load Useful modules
modules = {
'stats', -- Track internal statistics
- -- Load HTTP module with defaults
- http = {
- host = '0.0.0.0',
- port = 8053,
- },
+ 'http',
}
-- Smaller cache size
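Review bot: The `tls` and `doh` listeners on 853 and 443 are added without any certificate configuration in the visible lines. If `net.tls()` is not called elsewhere in this file, the resolver presumably serves an ephemeral self-signed certificate, which strictly validating DoT/DoH clients will reject and which gives other clients no way to authenticate the server. A comment above the listeners would make that explicit, for example `-- DoT/DoH use an ephemeral self-signed certificate unless net.tls('<CERT_PATH>', '<KEY_PATH>') is configured` (the paths are placeholders). The config continues outside this hunk, so confirm that nothing later already sets a certificate.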
.. 'Run this container using command:\n'
.. '$ docker run -Pti cznic/knot-resolver\n'
.. '\n'
- .. 'Docker will map ports 53, 853, and 8053 to some other numbers, see\n'
+ .. 'Docker will map ports 53, 443, 853, and 8453 to some other numbers, see\n'
.. '$ docker ps\n'
.. '(column PORTS)\n'
.. '53 -> DNS protocol over UDP and TCP\n'
+ .. '443 -> DNS-over-HTTPS protocol\n'
.. '853 -> DNS-over-TLS protocol\n'
- .. '8053 -> web interface\n'
+ .. '8453 -> web interface\n'
.. '\n'
.. 'For verbose logging enter following command to prompt below:\n'
.. 'verbose(true)\n')