From: Tomas Krizek
Date: Thu, 18 Apr 2019 07:19:08 +0000 (+0200)
Subject: docker: update ports, add doh
X-Git-Tag: v4.0.0~1^2~9
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=edcdd0121ee7110a68029fc236eefd15df1a1f5f;p=thirdparty%2Fknot-resolver.git
docker: update ports, add doh
---
diff --git a/Dockerfile b/Dockerfile
index 7b7663e49..a7d2fb784 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -66,8 +66,8 @@ FROM runtime
 LABEL cz.knot-resolver.vendor="CZ.NIC"
 LABEL maintainer="knot-resolver-users@lists.nic.cz"
-# Export DNS over UDP & TCP, DNS-over-TLS, web interface
-EXPOSE 53/UDP 53/TCP 853/TCP 8053/TCP
+# Export DNS over UDP & TCP, DNS-over-HTTPS, DNS-over-TLS, web interface
+EXPOSE 53/UDP 53/TCP 443/TCP 853/TCP 8453/TCP
 # Fetch Knot Resolver + Knot DNS libraries from build image
 COPY --from=build /tmp/root/ /
diff --git a/etc/config/config.docker.in b/etc/config/config.docker.in
index 1a54f1638..566c43e64 100644
--- a/etc/config/config.docker.in
+++ b/etc/config/config.docker.in
@@ -3,7 +3,9 @@
 -- Listen on all interfaces (localhost would not work in Docker)
 net.listen('0.0.0.0')
-net.listen('0.0.0.0', 853, {tls=true})
+net.listen('0.0.0.0', 853, { kind = 'tls' })
+net.listen('0.0.0.0', 443, { kind = 'doh' })
+net.listen('0.0.0.0', 8453, { kind = 'webmgmt' })
 -- To disable DNSSEC validation, uncomment the following line (not recommended)
 -- trust_anchors.remove('.')
@@ -11,11 +13,7 @@ net.listen('0.0.0.0', 853, {tls=true})
 -- Load Useful modules
 modules = {
 'stats', -- Track internal statistics
- -- Load HTTP module with defaults
- http = {
- host = '0.0.0.0',
- port = 8053,
- },
+ 'http',
 }
 -- Smaller cache size
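Review bot: The new `EXPOSE` line advertises 8453/TCP next to the resolver ports, and the config hunk declares that listener with `kind = 'webmgmt'`, so the `docker run -Pti` command recommended by print_help() publishes the management interface on the host together with DNS, DoT and DoH. Both the Dockerfile comment and the help text in the last hunk of etc/config/config.docker.in call it only "web interface", which hides that it is a management endpoint. I would say so next to the port list, for example `# 8453/TCP is the management interface; publish it only to a trusted address, e.g. -p 127.0.0.1:8453:8453`, and consider recommending explicit `-p` mappings in the help text instead of `-P`. The comment also says "Export" where "Expose" is meant.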
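Review bot: None of the three listeners added in the first config.docker.in hunk (853 `tls`, 443 `doh`, 8453 `webmgmt`) is accompanied by certificate configuration in the visible lines, so a container started from this file presumably serves a generated certificate that DoT and DoH clients cannot validate. The rest of the file lies outside the hunk, so this may be handled elsewhere. If it is not, a comment above the listeners would tell users what they are getting, e.g. `-- No certificate is configured in this file; provide your own cert and key before using 853/443 for anything but testing`.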
@@ -27,12 +25,13 @@ function print_help()
 .. 'Run this container using command:\n'
 .. '$ docker run -Pti cznic/knot-resolver\n'
 .. '\n'
- .. 'Docker will map ports 53, 853, and 8053 to some other numbers, see\n'
+ .. 'Docker will map ports 53, 443, 853, and 8453 to some other numbers, see\n'
 .. '$ docker ps\n'
 .. '(column PORTS)\n'
 .. '53 -> DNS protocol over UDP and TCP\n'
+ .. '443 -> DNS-over-HTTPS protocol\n'
 .. '853 -> DNS-over-TLS protocol\n'
- .. '8053 -> web interface\n'
+ .. '8453 -> web interface\n'
 .. '\n'
 .. 'For verbose logging enter following command to prompt below:\n'
 .. 'verbose(true)\n')