docker: update ports, add doh

parent e06f3d78
......@@ -66,8 +66,8 @@ FROM runtime
LABEL cz.knot-resolver.vendor="CZ.NIC"
LABEL maintainer="knot-resolver-users@lists.nic.cz"
# Export DNS over UDP & TCP, DNS-over-TLS, web interface
EXPOSE 53/UDP 53/TCP 853/TCP 8053/TCP
# Export DNS over UDP & TCP, DNS-over-HTTPS, DNS-over-TLS, web interface
EXPOSE 53/UDP 53/TCP 443/TCP 853/TCP 8453/TCP
# Fetch Knot Resolver + Knot DNS libraries from build image
COPY --from=build /tmp/root/ /
......
......@@ -3,7 +3,9 @@
-- Listen on all interfaces (localhost would not work in Docker)
net.listen('0.0.0.0')
net.listen('0.0.0.0', 853, {tls=true})
net.listen('0.0.0.0', 853, { kind = 'tls' })
net.listen('0.0.0.0', 443, { kind = 'doh' })
net.listen('0.0.0.0', 8453, { kind = 'webmgmt' })
-- To disable DNSSEC validation, uncomment the following line (not recommended)
-- trust_anchors.remove('.')
......@@ -11,11 +13,7 @@ net.listen('0.0.0.0', 853, {tls=true})
-- Load Useful modules
modules = {
'stats', -- Track internal statistics
-- Load HTTP module with defaults
http = {
host = '0.0.0.0',
port = 8053,
},
'http',
}
-- Smaller cache size
......@@ -27,12 +25,13 @@ function print_help()
.. 'Run this container using command:\n'
.. '$ docker run -Pti cznic/knot-resolver\n'
.. '\n'
.. 'Docker will map ports 53, 853, and 8053 to some other numbers, see\n'
.. 'Docker will map ports 53, 443, 853, and 8453 to some other numbers, see\n'
.. '$ docker ps\n'
.. '(column PORTS)\n'
.. '53 -> DNS protocol over UDP and TCP\n'
.. '443 -> DNS-over-HTTPS protocol\n'
.. '853 -> DNS-over-TLS protocol\n'
.. '8053 -> web interface\n'
.. '8453 -> web interface\n'
.. '\n'
.. 'For verbose logging enter following command to prompt below:\n'
.. 'verbose(true)\n')
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment