I wanted to implement this on a Raspberry Pi that I have running Docker. However, I wasn’t able to find an image in Docker Hub for the ARM architecture that the Raspberry Pi uses so I made my own based on the x86-64 image, here.
- Place the Dockerfile and unbound.conf in the same directory.
- Docker file:
FROM arm32v6/alpine:3.7
EXPOSE 53/udp
RUN apk add --update --no-cache -q --progress unbound && \
rm -rf /etc/unbound/unbound.conf /var/cache/apk/*
COPY unbound.conf /etc/unbound/unbound.conf
ENTRYPOINT unbound -d
- unbound.conf:
server: verbosity: 0 use-syslog: no qname-minimisation: yes do-tcp: yes prefetch: yes rrset-roundrobin: yes use-caps-for-id: yes do-ip4: yes do-ip6: no interface: 0.0.0.0 access-control: 0.0.0.0/0 allow forward-zone: name: "." forward-addr: 1.1.1.1@853 forward-addr: 1.0.0.1@853 forward-ssl-upstream: yes
- Build the Docker image:
docker build -t itinnovations/cloudflaretlsdns:latest .
- Start a container as a daemon from the above image:
docker run -d \ --name=CloudflareTLSDNS \ --restart=unless-stopped \ -p 53:53/udp \ itinnovations/cloudflaretlsdns
- Configure all clients to point to the IP address of the Docker Host for DNS.
One thought on “Raspberry Pi Docker Container to send all LAN DNS requests to Cloudflare’s 1.1.1.1 DNS over TLS”