Raspberry Pi Docker Container to send all LAN DNS requests to Cloudflare’s 1.1.1.1 DNS over TLS

I wanted to implement this on a Raspberry Pi that I have running Docker. However, I wasn’t able to find an image in Docker Hub for the ARM architecture that the Raspberry Pi uses so I made my own based on the x86-64 image, here.

Place the Dockerfile and unbound.conf in the same directory.
Docker file:

FROM arm32v6/alpine:3.7
EXPOSE 53/udp
RUN apk add --update --no-cache -q --progress unbound && \
    rm -rf /etc/unbound/unbound.conf /var/cache/apk/*
COPY unbound.conf /etc/unbound/unbound.conf
ENTRYPOINT unbound -d

unbound.conf:

server:
  verbosity: 0
  use-syslog: no
  qname-minimisation: yes
  do-tcp: yes
  prefetch: yes
  rrset-roundrobin: yes
  use-caps-for-id: yes
  do-ip4: yes
  do-ip6: no
  interface: 0.0.0.0
  access-control: 0.0.0.0/0 allow
forward-zone:
  name: "."
  forward-addr: 1.1.1.1@853
  forward-addr: 1.0.0.1@853
  forward-ssl-upstream: yes

Build the Docker image:

docker build -t itinnovations/cloudflaretlsdns:latest .

Start a container as a daemon from the above image:

docker run -d \
  --name=CloudflareTLSDNS \
  --restart=unless-stopped \
  -p 53:53/udp \
  itinnovations/cloudflaretlsdns

Configure all clients to point to the IP address of the Docker Host for DNS.