[Dnsmasq-discuss] How do others provide backup for their DNS? Ideas wanted
Chris Green
cl at isbd.net
Thu Sep 2 18:52:16 UTC 2021
On Thu, Sep 02, 2021 at 10:32:01AM -0700, Michael wrote:
[snip earlier stuff]
> Hi Chris,
>
> I am sure there are some good guides out there for learning docker. I just
> learned by just picking a project that I wanted to try and set out to get it
> running. You could always run your primary on a pi and your backup on
> another platform without any issues using my example below.
>
Yes, thank you, I've already got it installed and I'm playing with it.
> Personally, I like to use docker-compose, because it allows you to spin up
> the same arguments each time without remembering them.
>
> As I mentioned, I am not using just dnsmasq, but rather pihole built on top
> of DNSmasq, but my docker-compose file looks like this below. You should
> be able to adapt the arguments for just dnsmasq pretty easily.
>
>
> pihole-main:
>   container_name: pihole-main
>   restart: unless-stopped
>   image: pihole/pihole
>   hostname: pihole-main
>   domainname: $DOMAINNAME
>   mac_address: 02:42:c0:a8:65:02
>   environment:
>     - TZ=${TZ}
>     - "WEBPASSWORD=fakepassword"
>     - "TEMPERATUREUNIT=f"
>     - DNSMASQ_USER=${DNSMASQ_USER}
>     - PUID=${PUID}
>     - PGID=${PGID}
>
>     # Internal IP of the cloudflared container
>     - "DNS1=8.8.8.8"
>
>     # Explicitly disable a second DNS server, otherwise Pi-hole uses Google
>     - "DNS2=no"
>
>     # Listen on all interfaces and permit all origins
>     # This allows Pihole to work in this setup and when answering across VLANS,
>     # but do not expose pi-hole to the internet!
>     - "DNSMASQ_LISTENING=all"
>
>   dns:
>     # - 127.0.0.1
>     - 8.8.8.8
>
>   # Persist data and custom configuration to the host's storage
>   volumes:
>     - ${VOLUME}/pihole-main/config:/etc/pihole/
>     - ${VOLUME}/pihole-main/dnsmasq:/etc/dnsmasq.d/
>     - ${VOLUME}/pihole-main/misc:/var/lib/misc/
>     - ${VOLUME}/pihole-main/home:/home/
>
>   cap_add:
>     - NET_ADMIN
>     - CAP_SYS_NICE
>
>   # 1. Join the public network so it's reachable by systems on our LAN
>   networks:
>     lan:
>       ipv4_address: 192.168.101.2
>
>
> With this configuration, the IP of the container is always 192.168.101.2.
> The server it is running on though has a different IP - something in the
> 192.168.101 range. This way, if I bring this container up on the backup
> machine, it can come up on the same IP and mac address and the clients never
> know it moved.
>
>
> Bringing it up is just as simple as docker-compose up -d on the backup machine.
>
> Then with this config, I just rsync the ${VOLUME}/pihole-main directory to
> the backup machine and it is ready if needed.
>
Thank you, that's brilliant.
The bit I don't quite understand yet is:-
    # 1. Join the public network so it's reachable by systems on our LAN
    networks:
      lan:
        ipv4_address: 192.168.101.2
I couldn't see how to do this with docker but you've shown me how.
I think we'd better shut up now as this is drifting away from dnsmasq.
--
Chris Green
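
The `lan` network that the quoted service joins has to be defined at the top level of the compose file, which the message does not show. As an added example (not Michael's actual file), one definition that gives the container a fixed LAN address, assuming a macvlan network; the parent interface `eth0`, the /24 mask and the gateway address are placeholders:

```yaml
# Added example, not from the original post.
# Assumption: the "lan" network is a macvlan network bridged onto the host NIC.
services:
  pihole-main:
    image: pihole/pihole
    # Fixed MAC and IP from the quoted file, so the container looks like the
    # same LAN host whichever machine it is started on.
    mac_address: 02:42:c0:a8:65:02
    networks:
      lan:
        ipv4_address: 192.168.101.2

networks:
  lan:
    driver: macvlan
    driver_opts:
      parent: eth0                  # assumed: host interface attached to the LAN
    ipam:
      config:
        - subnet: 192.168.101.0/24  # assumed /24 around the 192.168.101 range in the post
          gateway: 192.168.101.1    # assumed router address
```

A container on a macvlan network sits directly on the LAN, so every port it listens on (DNS and the Pi-hole web admin) is reachable there without any `ports:` mapping and without passing through the Docker host's own firewall rules. Because the primary and backup copies share one IP and MAC address, only one of them should be running at a time.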