1
1
mirror of https://github.com/dnscrypt/dnscrypt-server-docker synced 2024-11-22 19:42:03 +01:00
Commit Graph

384 Commits

Author SHA1 Message Date
Frank Denis
ebb083c515 Bump EDS 2020-05-20 16:05:49 +02:00
Frank Denis
e1c44f263b Update Unbound 2020-05-20 15:40:51 +02:00
woftor
8d0f779bfe
Removed --net=host as default for the docker container (#46)
Removed --net=host as default for the docker container
It does forward port 443 tcp/udp to the host, but it also had "--net=host" when starting. That defeats the purpose of the port forward.
Removing "--net=host" as it is also in line with the rest of the documentation.
2020-04-27 23:08:31 +02:00
woftor
f6e9f4e9f6
Update watchtower to more up to date version (#45)
v2tec/watchtower is not maintained anymore (at least past 2 years). Switch to containrrr/watchtower, which is actively developed.
2020-04-26 23:34:31 +02:00
Frank Denis
7979ac440c install-centos.sh - update paths to match the documentation
Fixes #85
2020-04-24 12:30:13 +02:00
Frank Denis
2858a6ea52 Upgrade base layer to the current Ubuntu LTS (20.04) 2020-04-23 16:33:52 +02:00
Frank Denis
9793a25dcb Merge branch 'master' of github.com:DNSCrypt/dnscrypt-server-docker
* 'master' of github.com:DNSCrypt/dnscrypt-server-docker:
  Eliminate what's superfluous
2020-04-20 16:45:11 +02:00
Frank Denis
c55108d7da Update encrypted-dns-server 2020-04-20 16:44:40 +02:00
lucenera
b6079d5d48
Merge pull request #84 from DNSCrypt/lucenera-patch-1
Eliminate what's superfluous
2020-03-28 00:35:49 +01:00
lucenera
f39cbaa192
Eliminate what's superfluous
1) I have deleted the "mkdir -p /etc/dnscrypt-server/keys" section in Installation: in fact with "-v /etc/dnscrypt-server/keys:/opt/encrypted-dns/etc/keys" the directory is automatically created on the host.
2) I have eliminated the options -"-ulimit nofile=90000:90000" and "--net=host" from the docker run command in Installation, because the first one was used in old versions of Docker, because they did not tolerate the limit of the number of files open simultaneously, managed by the kernel , in the standard Ubuntu session settings (and others); the second (--net=host) actually exposes the entire host stack to the container and this does not speed up, but exposes to risk and cancels the much more useful option -p 443:443/udp -p 443:443/tcp (see https://docs.docker.com/network/host/).
3) I have deleted in Installation the explanation regarding the "--net=host" option as explained in point 2.
4) In Installation, I have eliminated the section of the "docker start command dnscrypt-server", because, when the container with docker run is deployed, it is also started.
2020-03-28 00:01:57 +01:00
Frank Denis
64a841d5ef Downgrade Unbound, disable serve-stale, disable parking_lot for tokio
Essentially revert anything new and potentially causing #80
2020-03-21 18:14:31 +01:00
Frank Denis
db51ca4f0e Bump versions 2020-03-20 15:10:03 +01:00
Frank Denis
c4e1b96747 Enable serve-stale 2020-03-20 15:09:41 +01:00
Frank Denis
e180996db2 year 2020-03-20 15:09:34 +01:00
Frank Denis
4929d02f15 Update Unbound 2020-03-09 23:28:01 +01:00
Frank Denis
9ba1c98268 Bump cache-min-ttl
Spotted by @mibere
2020-01-31 20:17:42 +01:00
Frank Denis
2110fb899d Don't include serve-expired twice 2020-01-27 19:30:21 +01:00
Frank Denis
10a60401fc Disable ratelimit in Unbound 2020-01-27 16:46:38 +01:00
Frank Denis
65f78b41d7 Enable server-expired in Unbound 2020-01-27 16:45:41 +01:00
Frank Denis
70d8e28a56 Remove --enable-event-api in Unbound compilation
Spotted by @mibere
2019-12-26 20:20:41 +01:00
Frank Denis
ba7e420768 Add localhost to undelegated 2019-12-26 11:17:35 +01:00
Frank Denis
17f004e379 Fix permissions for legacy blacklists 2019-12-24 13:48:56 +01:00
Frank Denis
a1f5fe6b64 Typo 2019-12-24 12:37:51 +01:00
Frank Denis
a952a7e6b8 sync 2019-12-24 11:00:58 +01:00
Frank Denis
5b725a769c Update Unbound, add some undelegated zones 2019-12-24 10:59:31 +01:00
Frank Denis
1b4500184b Ensure that the blacklist file is readable 2019-12-21 23:03:49 +01:00
Frank Denis
fe93f4e8f7 Sync undelegated zones 2019-12-21 22:58:54 +01:00
mibere
122b4d7942 Limit serving of expired responses (#42) 2019-12-16 19:10:11 +01:00
Frank Denis
4a81823fbc png->svg 2019-12-16 17:59:12 +01:00
Frank Denis
53ec5cdd78 Merge branch 'master' of github.com:jedisct1/dnscrypt-server-docker 2019-12-16 12:27:32 +01:00
Frank Denis
b38c2500b9 Add Gitter chat badge 2019-12-16 12:27:16 +01:00
Frank Denis
aa0285d893
Merge pull request #41 from mibere/master
Update README.md
2019-12-13 17:08:49 +01:00
mibere
04c8c1c5ce Update README.md
enhancements chapter 'Updating the container'
2019-12-13 16:08:50 +01:00
Frank Denis
9b7cd92696 Bump min TTL, switch daemon user and group 2019-12-11 16:45:19 +01:00
Frank Denis
33080e9766 Ensure that the keys directory is accessible from _encrypted-dns 2019-12-11 16:44:47 +01:00
Frank Denis
a246506150 Copy and use undelegated.txt 2019-12-11 16:20:55 +01:00
Frank Denis
33ac5b4ad6 Import undelegated.txt 2019-12-11 15:18:37 +01:00
Frank Denis
03d780097a Sync encrypted-dns.toml.in and bump EDS version 2019-12-11 15:17:48 +01:00
Frank Denis
5e1ce7605b Add some IPv6 reverse addresses 2019-12-10 00:31:12 +01:00
Frank Denis
d022ff704c Add more static zones 2019-12-10 00:22:27 +01:00
Frank Denis
28164a3dfd Documentation: add quotes around IP addresses
This is not necessary for IPv4 addresses, but it is for IPv6
addresses (to prevent shell expansion).
2019-12-09 13:23:45 +01:00
Frank Denis
7c0677c8d2 Update unbound to 1.9.6rc1 2019-12-09 12:15:02 +01:00
Frank Denis
2881cc9207 Add more undelegated zones 2019-12-09 12:11:24 +01:00
Frank Denis
743f842309
Merge pull request #40 from mibere/master
enable aggressive-nsec
2019-12-07 23:55:53 +01:00
mibere
d0bb7e6ac9 enable aggressive-nsec
for detailed description and benefits read https://medium.com/nlnetlabs/aggressive-use-of-the-dnssec-validated-cache-in-unbound-1ab3e315d13f
2019-12-06 21:04:12 +01:00
mibere
b15b09c12a
Merge pull request #1 from jedisct1/master
Merge pull request #39 from mibere/master
2019-12-06 20:58:10 +01:00
Frank Denis
58c2d34486
Merge pull request #39 from mibere/master
Local copy of the DNS root zone (hyperlocal)
2019-12-04 20:31:22 +01:00
mibere
9fc2cbe4b1 Local copy of the DNS root zone (hyperlocal)
Solves #38
2019-12-04 19:24:44 +01:00
Frank Denis
366c656fe0 Update doc 2019-11-24 18:58:09 +01:00
Frank Denis
a649ce6701 Typo 2019-11-24 15:40:43 +01:00