Use a dedicated zone for health checking

Signed-off-by: Knut Ahlers <knut@ahlers.me>
Knut Ahlers 2019-08-25 17:03:46 +02:00
parent fe93ee74e9
commit 0ecb98ce3d
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E
3 changed files with 13 additions and 6 deletions


@ -9,7 +9,9 @@ RUN set -ex \
curl \ curl \
git \ git \
make \ make \
&& go get -v github.com/Luzifer/rootzone \ && go get -v \
github.com/Luzifer/korvike\
github.com/Luzifer/rootzone \
&& rootzone >named.stubs \ && rootzone >named.stubs \
&& make blacklist && make blacklist
@ -36,6 +38,6 @@ COPY docker-entrypoint.sh /usr/local/bin/
EXPOSE 53/udp 53 EXPOSE 53/udp 53
HEALTHCHECK --interval=30s --timeout=5s \ HEALTHCHECK --interval=30s --timeout=5s \
CMD dig +short @localhost health.server.test A || exit 1 CMD dig +short @localhost health.pdns.luzifer.io A || exit 1
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
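Review bot: The HEALTHCHECK still passes when the policy zone is not being served, because `dig` exits 0 for any response it receives (NXDOMAIN or an empty answer included) and the `|| exit 1` only fires when nothing answers at all. With the probe name now under a real public domain, a resolver that failed to load the response-policy file would presumably recurse for `health.pdns.luzifer.io` and still report healthy while serving no blacklist. Compare the answer with the address the zone template defines instead: `CMD [ "$(dig +short @localhost health.pdns.luzifer.io A)" = "127.0.1.1" ] || exit 1`.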


@ -4,7 +4,8 @@ $TTL 1H
NS LOCALHOST. NS LOCALHOST.
; Healthcheck record - don't remove ; Healthcheck record - don't remove
health.server.test A 127.0.1.1 health.pdns.luzifer.io A 127.0.1.1
version.pdns.luzifer.io TXT "{{ .version }} @ {{ now `2006-01-02 15:04:05 -07:00` }}"
; vim: set ft=bindzone: ; vim: set ft=bindzone:
; Blacklist entries ; Blacklist entries
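Review bot: The new `version.pdns.luzifer.io` TXT record hands the exact build version and build time to every client that can query this resolver, which is the same kind of fingerprinting aid that hiding `version.bind` is meant to remove. If the resolver is only reachable from trusted networks this is probably acceptable, but that assumption should be written next to the record, e.g. `; Build info for debugging - visible to every client that can query this resolver`. The existing `; Healthcheck record - don't remove` comment now sits above both records, and it would help to add that the health name has to match the one used by the image's HEALTHCHECK instruction.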


@ -23,7 +23,11 @@ done
cat blacklist.local >>${target} cat blacklist.local >>${target}
# Convert into named response-policy file # Convert into named response-policy file
cp blacklist.tpl named.${target} korvike \
-i blacklist.tpl \
-o named.${target} \
-v version=$(git describe --tags --always)
awk '/^0.0.0.0/{ printf "%s CNAME .\n", $2 }' blacklist | awk '/^0.0.0.0/{ printf "%s CNAME .\n", $2 }' blacklist |
grep -v '^0.0.0.0 ' | grep -v '^0.0.0.0 ' |
sort >>named.${target} sort >>named.${target}