I wanted to implement this on a Raspberry Pi that I have running Docker. However, I wasn’t able to find an image in Docker Hub for the ARM architecture that the Raspberry Pi uses so I made my own based on the x86-64 image, here.
- Place the Dockerfile and unbound.conf in the same directory.
- Docker file:
FROM arm32v6/alpine:3.7 EXPOSE 53/udp RUN apk add --update --no-cache -q --progress unbound && \ rm -rf /etc/unbound/unbound.conf /var/cache/apk/* COPY unbound.conf /etc/unbound/unbound.conf ENTRYPOINT unbound -d
- unbound.conf:
server: verbosity: 0 use-syslog: no qname-minimisation: yes do-tcp: yes prefetch: yes rrset-roundrobin: yes use-caps-for-id: yes do-ip4: yes do-ip6: no interface: 0.0.0.0 access-control: 0.0.0.0/0 allow forward-zone: name: "." forward-addr: 1.1.1.1@853 forward-addr: 1.0.0.1@853 forward-ssl-upstream: yes
- Build the Docker image:
docker build -t itinnovations/cloudflaretlsdns:latest .
- Start a container as a daemon from the above image:
docker run -d \ --name=CloudflareTLSDNS \ --restart=unless-stopped \ -p 53:53/udp \ itinnovations/cloudflaretlsdns
- Configure all clients to point to the IP address of the Docker Host for DNS.