This is a PowerDNS authoritative docker image designed to handle minor and major updates seamlessly.
The images are built and tested on multiple platforms.
| Architecture |
|---|
| x86-64 |
| arm64 |
| armv7l |
This image provides various versions that are available via tags. latest tag provides the latest stable version.
| Tag | Description |
|---|---|
| latest | Latest release |
| 4.6-latest | Latest micro release of 4.6 |
| 4.5-latest | Latest micro release of 4.5 |
This container is designed to parse config from both environment variables and volume mount. The order of which is first a set of sane default values which include gsqlite3.
Defaults -> mounted config -> environment variables
Environment variables will always overwerite the rest
Docker env: ENV_LOCAL_ADDRESS=0.0.0.0 or ENV_LOCAL_ADDRESS: 0.0.0.0
PDNS config: local-address=0.0.0.0
Save the below config to a file and mount to /pdns.conf
primary=yes
secondary=no
launch=gsqlite3
gsqlite3-database=/var/lib/powerdns/auth.db
gsqlite3-pragma-synchronous=0
local-address=0.0.0.0
local-port=53
| Name | Value | Default |
|---|---|---|
AUTOSECONDARY_IP |
The IP of the primary DNS server | N/A |
AUTOSECONDARY_NAMESERVER |
The name of the primary DNS server | N/A |
AUTOSECONDARY_ACCOUNT |
The account used on the primary DNS server | N/A |
| Name | Value | Default |
|---|---|---|
ENV_PRIMARY |
Docs | yes |
ENV_SECONDARY |
Docs | no |
ENV_LAUNCH |
Docs | gsqlite3 |
ENV_GSQLITE3_DATABASE |
Docs | "/var/lib/powerdns/auth.db" |
ENV_GSQLITE3_PRAGMA_SYNCHRONOUS |
Docs | 0 |
ENV_SOCKET_DIR |
Docs | "/var/run/powerdns-authorative" |
ENV_LOCAL_ADDRESS |
Docs | "0.0.0.0" |
ENV_LOCAL_PORT |
Docs | 53 |
ENV_GPGSQL_HOST |
Docs | N/A |
ENV_GPGSQL_PORT |
Docs | N/A |
ENV_GPGSQL_DBNAME |
Docs | N/A |
ENV_GPGSQL_USER |
Docs | N/A |
ENV_GPGSQL_PASSWORD |
Docs | N/A |
ENV_GPGSQL_DNSSEC |
Docs | N/A |
- SQLite3
- PostgreSQL
Using network_mode host
version: '3'
services:
pdns-auth:
container_name: pdns-auth
image: emiljacero/powerdns-auth-docker:amd64-latest
restart: always
network_mode: host
environment:
TZ: Etc/UTC
ENV_PRIMARY: "yes"
ENV_SECONDARY: "no"
ENV_LAUNCH: gsqlite3
ENV_GSQLITE3_DATABASE: "/var/lib/powerdns/auth.db"
ENV_GSQLITE3_PRAGMA_SYNCHRONOUS: 0
ENV_ENTROPY_SOURCE: /dev/urandom
ENV_LOCAL_ADDRESS: 192.168.100.20
ENV_LOCAL_PORT: 53
volumes:
- ./db:/var/lib/powerdnsUsing network_mode host
version: '3'
services:
pdns-db:
container_name: pdns-db
image: postgres:14
restart: always
network_mode: host
environment:
POSTGRES_USER: pdns
POSTGRES_PASSWORD: CHANGEME
POSTGRES_DB: pdns
pdns-auth:
container_name: pdns-auth
image: emiljacero/powerdns-auth-docker:amd64-latest
restart: always
network_mode: host
environment:
TZ: Etc/UTC
ENV_PRIMARY: "yes"
ENV_SECONDARY: "no"
ENV_LAUNCH: gpgsql
ENV_GPGSQL_HOST: 127.0.0.1
ENV_GPGSQL_PORT: 5432
ENV_GPGSQL_DBNAME: pdns
ENV_GPGSQL_USER: pdns
ENV_GPGSQL_PASSWORD: CHANGEME
ENV_GPGSQL_DNSSEC: "yes"
ENV_ENTROPY_SOURCE: /dev/urandom
ENV_LOCAL_ADDRESS: 192.168.100.20
ENV_LOCAL_PORT: 53Running a secondary authoritative requires the extra environment variables beginning with AUTOSECONDARY.
version: '3'
services:
pdns-auth:
container_name: pdns-auth
image: emiljacero/powerdns-auth-docker:amd64-latest
restart: always
network_mode: host
environment:
TZ: Etc/UTC
AUTOSECONDARY_IP: 192.168.100.10
AUTOSECONDARY_NAMESERVER: ns1.example.com
AUTOSECONDARY_ACCOUNT: Example
ENV_PRIMARY: "no"
ENV_SECONDARY: "yes"
ENV_AUTOSECONDARY: "yes"
ENV_LAUNCH: gsqlite3
ENV_GSQLITE3_DATABASE: "/var/lib/powerdns/auth.db"
ENV_GSQLITE3_PRAGMA_SYNCHRONOUS: 0
ENV_ENTROPY_SOURCE: /dev/urandom
ENV_LOCAL_ADDRESS: 192.168.100.20
ENV_LOCAL_PORT: 53
volumes:
- ./db:/var/lib/powerdnsPlease note that the authoritative server is listening on 5300. That means notifications has to be sent towards 192.168.100.20:5300.
Using network_mode host
version: '3'
services:
pdns-auth:
container_name: pdns-auth
image: emiljacero/powerdns-auth-docker:amd64-latest
restart: always
network_mode: host
environment:
TZ: Etc/UTC
AUTOSECONDARY_IP: 192.168.100.10
AUTOSECONDARY_NAMESERVER: ns1.example.com
AUTOSECONDARY_ACCOUNT: Example
ENV_PRIMARY: "no"
ENV_SECONDARY: "yes"
ENV_AUTOSECONDARY: "yes"
ENV_LAUNCH: gsqlite3
ENV_GSQLITE3_DATABASE: "/var/lib/powerdns/auth.db"
ENV_GSQLITE3_PRAGMA_SYNCHRONOUS: 0
ENV_ENTROPY_SOURCE: /dev/urandom
ENV_SOCKET_DIR: /var/run/powerdns-authorative
ENV_LOCAL_ADDRESS: 192.168.100.20
ENV_LOCAL_PORT: 5300
volumes:
- ./db:/var/lib/powerdns
pdns-recursor:
container_name: pdns-recursor
image: emiljacero/powerdns-recursor-docker:amd64-latest
restart: always
depends_on:
- pdns-auth
network_mode: host
environment:
TZ: Etc/UTC
ENV_ALLOW_FROM: 127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16,
192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10
ENV_HINT_FILE: /var/named.root
ENV_INCLUDE_DIR: /etc/powerdns/recursor.d
ENV_FORWARD_ZONES_FILE: /etc/powerdns/forward.conf
ENV_LOCAL_ADDRESS: 192.168.100.20
ENV_LOCAL_PORT: 53
ENV_DNSSEC: "off"
ENV_WEBSERVER: "yes"
ENV_WEBSERVER_PASSWORD: CHANGEME_PASSWORD
ENV_WEBSERVER_ADDRESS: 0.0.0.0
ENV_WEBSERVER_ALLOW_FROM: 0.0.0.0/0
ENV_WEBSERVER_PORT: 8002
ENV_API_KEY: CHANGEME_PASSWORD
PDNS_AUTH_API_HOST: 127.0.0.1
PDNS_AUTH_API_DNS_PORT: 5300
PDNS_AUTH_API_PORT: 8001
PDNS_AUTH_API_KEY: CHANGEME_PASSWORD
EXTRA_FORWARD: ""- Automate builds with github actions
- Rewrite so that the builds are using Major, Mini, Micro releases tagging.
- Backup - Run a backup of the DB when detecting a new schema just before running the schema.
- Migration Upgrade/Downgrade - With backup, be able to essentially roll back to the previous version.