Use a dedicated zone for health checking

Signed-off-by: Knut Ahlers <knut@ahlers.me>
Knut Ahlers 2019-08-25 17:03:46 +02:00
parent fe93ee74e9
commit 0ecb98ce3d
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E
3 changed files with 13 additions and 6 deletions


@ -9,7 +9,9 @@ RUN set -ex \
curl \
git \
make \
&& go get -v github.com/Luzifer/rootzone \
&& go get -v \
github.com/Luzifer/korvike\
github.com/Luzifer/rootzone \
&& rootzone >named.stubs \
&& make blacklist
@ -36,6 +38,6 @@ COPY docker-entrypoint.sh /usr/local/bin/
EXPOSE 53/udp 53
HEALTHCHECK --interval=30s --timeout=5s \
CMD dig +short @localhost health.server.test A || exit 1
CMD dig +short @localhost health.pdns.luzifer.io A || exit 1
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
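Review bot: The `go get -v` in the first hunk installs `github.com/Luzifer/korvike` and `github.com/Luzifer/rootzone` without a version, so every image build compiles and runs whatever those repositories contain at that moment; korvike's output is then written into the zone file the resolver loads. Pinning both to a reviewed tag or commit would make the build reproducible, for example `GO111MODULE=on go get github.com/Luzifer/korvike@<TAG>`, provided the Go toolchain in the base image supports module-aware `go get` (the base image is outside this hunk, so that is unconfirmed). The line `github.com/Luzifer/korvike\` also lacks the space before the backslash that the neighbouring continuation lines have; it probably still works if the following line is indented, but it is worth aligning. The `RUN` instruction begins before the hunk.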


@ -1,10 +1,11 @@
$TTL 1H
@ SOA LOCALHOST. personal-dns.luzifer.io. (1 1h 15m 30d 2h)
NS LOCALHOST.
@ SOA LOCALHOST. personal-dns.luzifer.io. (1 1h 15m 30d 2h)
NS LOCALHOST.
; Healthcheck record - don't remove
health.server.test A 127.0.1.1
health.pdns.luzifer.io A 127.0.1.1
version.pdns.luzifer.io TXT "{{ .version }} @ {{ now `2006-01-02 15:04:05 -07:00` }}"
; vim: set ft=bindzone:
; Blacklist entries
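Review bot: Nothing in the zone tells a maintainer what consumes `health.pdns.luzifer.io` or which value is expected, and the check that uses it (`dig +short @localhost health.pdns.luzifer.io A || exit 1` in the Dockerfile section of this commit) never compares the answer. dig exits 0 for any reply, including NXDOMAIN, so the container would probably still report healthy if this zone failed to load. I would extend the comment to `; Healthcheck record - queried by the Dockerfile HEALTHCHECK, which expects 127.0.1.1; keep both in sync` and have the check test the value, e.g. `CMD [ "$(dig +short @localhost health.pdns.luzifer.io A)" = "127.0.1.1" ] || exit 1`. The new `version.pdns.luzifer.io` TXT record also sits under the "don't remove" comment and would read better with its own comment line, noting that it exposes the build version and time to every client that can query the resolver.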


@ -23,7 +23,11 @@ done
cat blacklist.local >>${target}
# Convert into named response-policy file
cp blacklist.tpl named.${target}
korvike \
-i blacklist.tpl \
-o named.${target} \
-v version=$(git describe --tags --always)
awk '/^0.0.0.0/{ printf "%s CNAME .\n", $2 }' blacklist |
grep -v '^0.0.0.0 ' |
sort >>named.${target}
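Review bot: The added korvike call passes `-v version=$(git describe --tags --always)` and `-o named.${target}` unquoted, and nothing visible in the hunk checks that korvike succeeded before the awk pipeline appends to `named.${target}`. If `git describe` fails (for instance when the build context has no `.git` directory), the template is rendered with an empty version or not at all, and the blacklist entries may then be appended to a file that lacks the SOA header. Quoting the arguments as `-o "named.${target}"` and `-v "version=$(git describe --tags --always)"`, and adding `|| exit 1` after the korvike command, would make that failure visible. The `|| exit 1` is unnecessary if the script already runs under `set -e`, which would be set outside this hunk.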