---
kind: compose
metadata:
  name: BIND9
  description: >
    BIND9 is the most widely used DNS server on the Internet.
    This template provides an authoritative and recursive DNS server with example zones,
    TSIG authentication for secure zone transfers, and DNSSEC support.
    Project: https://www.isc.org/bind/
    Documentation: https://bind9.readthedocs.io/
  version: 9.20-24.10_edge
  author: Christian Lempa
  date: '2025-10-02'
  tags:
    - dns
  next_steps: |
    1. Start the DNS server:
       docker compose up -d
    2. View the auto-generated TSIG key:
       cat config/tsig.key
    3. Test DNS queries:
       dig @localhost home.arpa
    4. Customize your zone:
       - Edit config/named.conf.zones to add more zones
       - Add zone files to /var/lib/bind/ volume
       - Update config/named.conf to adjust forwarders and ACLs
    5. Reload configuration after changes:
       docker exec bind9 rndc reload
    6. Check BIND9 configuration syntax:
       docker exec bind9 named-checkconf /etc/bind/named.conf
       docker exec bind9 named-checkzone home.arpa /var/lib/bind/db.home.arpa
    For more information, visit: https://bind9.readthedocs.io/
  draft: true
spec:
  general:
    vars:
      bind9_version:
        type: str
        description: BIND9 Docker image tag
        default: "9.20-24.10_edge"
      domain_name:
        type: str
        description: "Primary domain name for your zone (e.g., home.arpa)"
        default: "home.arpa"
      tsig_key_name:
        type: str
        description: "TSIG key name for secure zone transfers"
        default: "transfer-key"
      tsig_key_secret:
        type: str
        description: "TSIG key secret (base64, auto-generated if empty)"
        default: ""
        sensitive: true
        autogenerated: true
  ports:
    vars:
      ports_enabled:
        default: true
  network:
    vars:
      network_enabled:
        default: false