Have unbound listen to port 553 instead of the default port 53

This prevents issues with docker hosts already having a local resolver
2024-11-22 19:42:03 +01:00 · 2015-11-28 13:52:35 +01:00 · 2015-11-28 13:52:35 +01:00 · 8566959cfc
commit 8566959cfc
parent 850a1e68a6
4 changed files with 3 additions and 5 deletions
--- a/2
+++ b/2
@ -149,7 +149,7 @@ COPY watchdog.sh /etc/service/watchdog/run

 VOLUME ["/opt/dnscrypt-wrapper/etc/keys"]

-EXPOSE 53/udp 53/tcp 443/udp 443/tcp
+EXPOSE 443/udp 443/tcp

 CMD ["start"]

--- a/dnscrypt-wrapper.sh
+++ b/dnscrypt-wrapper.sh
@ -52,7 +52,7 @@ prune
 exec /opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper \
    --user=_dnscrypt-wrapper \
    --listen-address=0.0.0.0:443 \
-    --resolver-address=127.0.0.1 \
+    --resolver-address=127.0.0.1:553 \
    --provider-name="$provider_name" \
    --provider-cert-file="${STKEYS_DIR}/dnscrypt.cert" \
    --crypt-secretkey-file=$(stkeys_files)
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -86,8 +86,6 @@ This is supposed to be called only once.

 * start (default command): start the resolver and the dnscrypt server proxy.
 Ports 443/udp and 443/tcp have to be publicly exposed.
-Containers on the same virtual network can directly use this container's Unbound
-instance as a DNS resolver, on the standard DNS port (53).

 * provider-info: prints the provide name and provider public key.

--- a/unbound.sh
+++ b/unbound.sh
@ -27,7 +27,7 @@ sed \
 server:
  verbosity: 1
  num-threads: @THREADS@
-  interface: 127.0.0.1@53
+  interface: 127.0.0.1@553
  so-reuseport: yes
  edns-buffer-size: 1252
  delay-close: 10000