Goal of this repo is to have a stubby image optimized to size, to be used easily in embedded devices, aka router. Right now size of this image is only 4.83 MB. I removed unbound as router's internal DNS server performs the caching duty.
For more info check out MatthewVance repo.
~~ This allows you to run Stubby without losing the performance benefits of having a local caching DNS resolver. Historically, Stubby had better DNS over TLS support than Unbound. ~~
~~ To achieve this, this setup uses two containers, one running Stubby and another running Unbound. Unbound exposes DNS over port 53 and forwards requests not in its cache to the Stubby container on port 8053 (not publically exposed). Stubby then performs DNS resolution over TLS. ~~ By default, this is configured to use Cloudflare DNS.
cd stubby
podman build --format docker -t sarim/stubby:1.7.0 .Run these containers with the following command:
docker-compose up -dAdjust ports and stubby.yml config file as needed.
Next, point your DNS to the IP of your Docker host running the Stubby container.
If you have any problems with or questions about this image, please contact me through a GitHub issue.
These deserve credit for making this all possible.
Unless otherwise specified, all code is released under the MIT License (MIT). See the repository's LICENSE file for details.
- DNSCrypt server Docker image: ISC License
- Docker: Apache 2.0
- OpenSSL: Apache-style license
- Stubby: BSD-3-Clause
- Unbound: BSD License