zishuo/nip
1
0
Fork 0
mirror of https://github.com/cunnie/sslip.io.git synced 2025-10-04 23:32:49 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
Files
1bdd03fd3977bb261ddeebe5b8de7297ee8fe5f1
nip/k8s/Dockerfile-wildcard-dns-http-server
Brian Cunnie 1fc970a87e Dockerfiles: Replace deprecated "maintainer" label 
Also, do the `dnf install` in one step, not in three.
2022-04-22 08:11:21 -07:00

52 lines
2.0 KiB
Plaintext
Raw Blame History

# cunnie/wildcard-dns-http-server: sslip.io wildcard DNS/HTTP server Dockerfile
# This DNS/HTTP server enables the procurement of wildcard certs for sslip.io
# subdomains. It's meant to be run on the server whose IP address is the
# subdomain. e.g. if the subdomain was '207-44-147-10.sslip.io', then this
# should be run on the server whose IP address is 207.44.147.10, and this will
# procure a wildcard cert for *.207-44-147-10.sslip.io
# This won't work for private addresses such as 10.0.1.10 or 192.168.0.1.
# Dockerfile of a (Golang-based) DNS/HTTP server.
# - the DNS server only responds to TXT queries, and always responds to TXT queries,
# and always responds with the same TXT record
# - the HTTP server allows you to update the TXT record by POST'ing to the /update
# endpoint with a JSON body of `{"txt":"the-new-TXT-record"}`. The endpoint
# is compatible with acme-dns.
# - acme.sh can be configured to update the DNS TXT record via HTTPS.
# To build:
# DOCKER_BUILD_DIR=$PWD
# pushd ../src/wildcard-dns-http-server/
# GOOS=linux GOARCH=amd64 go build -o $DOCKER_BUILD_DIR/wildcard-dns-http-server
# popd
# docker build . -f Dockerfile-wildcard-dns-http-server -t cunnie/wildcard-dns-http-server
# Typical start command:
# docker run -it --rm -p 53:53/udp -p 80:80 cunnie/wildcard-dns-http-server
# To test from host:
# dig +short txt 127-0-0-1.example.com @localhost
# "Set this TXT record: curl -X POST http://localhost/update -d '{\"txt\":\"Certificate Authority's validation token\"}'"
# curl -X POST http://localhost/update -d '{"txt":"new-TXT-record"}'
# dig +short txt any-domain-you-want @localhost
# "new-TXT-record"
FROM alpine AS sslip.io
LABEL org.opencontainers.image.authors="Brian Cunnie <brian.cunnie@gmail.com>"
COPY wildcard-dns-http-server /usr/sbin/wildcard-dns-http-server
ENTRYPOINT ["/usr/sbin/wildcard-dns-http-server"]
# DNS listens on port 53 UDP
# The `EXPOSE` directive doesn't do much in our case. We use it for documentation.
EXPOSE 53/udp
EXPOSE 80/tcp
Reference in New Issue View Git Blame Copy Permalink