[#4] 构建bind9镜像

root 2025-09-16 07:24:18 +00:00
parent 3e9cfa564c
commit 1fbf725d50
11 changed files with 286 additions and 0 deletions

2
src/bind/.gitignore vendored Normal file

@ -0,0 +1,2 @@
images/

44
src/bind/build/Dockerfile Normal file

@ -0,0 +1,44 @@
FROM ubuntu:22.04
# Set timezone and avoid interactive prompts
ENV DEBIAN_FRONTEND=noninteractive
ENV TZ=Asia/Shanghai
# Update package list and install required packages
RUN apt-get update && \
apt-get install -y \
bind9 \
bind9utils \
bind9-doc \
supervisor \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Create supervisor configuration directory
RUN mkdir -p /etc/supervisor/conf.d
# Copy supervisor configuration
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
# Copy BIND9 configuration files
COPY named.conf.local /etc/bind/named.conf.local
COPY db.argus.com /etc/bind/db.argus.com
# Copy startup and reload scripts
COPY startup.sh /usr/local/bin/startup.sh
COPY reload-bind9.sh /usr/local/bin/reload-bind9.sh
# Make scripts executable
RUN chmod +x /usr/local/bin/startup.sh /usr/local/bin/reload-bind9.sh
# Set proper ownership for BIND9 files
RUN chown bind:bind /etc/bind/named.conf.local /etc/bind/db.argus.com
# Expose DNS port
EXPOSE 53/tcp 53/udp
# Use root user as requested
USER root
# Start with startup script
CMD ["/usr/local/bin/startup.sh"]
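Review bot: The `apt-get install -y` step pulls in recommended packages plus `bind9-doc`, none of which the running DNS server needs; `apt-get install -y --no-install-recommends bind9 bind9utils supervisor` leaves less in the image to patch. `FROM ubuntu:22.04` is a floating tag, so two builds of the same commit can contain different package versions; pinning the base by digest would make the image reproducible. Only `named.conf.local` is copied in, so global options such as recursion come from the package's stock configuration, which this page does not show; if the server is meant to be authoritative only, an explicit options file is worth adding. `USER root` restates the default, and its comment could say why root is needed (startup.sh runs `chmod` and `chown` before supervisord starts).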


@ -0,0 +1,16 @@
$TTL 604800
@ IN SOA ns1.argus.com. admin.argus.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
; 定义 DNS 服务器
@ IN NS ns1.argus.com.
; 定义 ns1 主机
ns1 IN A 127.0.0.1
; 定义 web 指向 12.4.5.6
web IN A 12.4.5.6
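Review bot: `ns1 IN A 127.0.0.1` publishes loopback as the address of the zone's only name server, so any client that looks up `ns1.argus.com` is told to query itself; the record should carry the address at which this container is actually reachable. The second copy of this zone file further down the commit has the same record. If the value is a placeholder, a comment such as `; placeholder, replace with the container's service address` above it would make that clear. `12.4.5.6` for `web` looks like sample data as well; if so, an address from a documentation range such as `192.0.2.0/24` avoids pointing at a network someone else operates.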


@ -0,0 +1,4 @@
zone "argus.com" {
type master;
file "/etc/bind/db.argus.com";
};
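Review bot: The `zone "argus.com"` block sets no `allow-transfer`, so who may pull a full copy of the zone is left to the server default, which in the BIND series that ubuntu:22.04 most likely installs is, as far as I recall, unrestricted. Adding `allow-transfer { none; };` inside the block (or listing the secondaries' addresses there) makes the policy explicit and independent of the packaged version. The identical block that appears a second time further down the commit needs the same line.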


@ -0,0 +1,16 @@
$TTL 604800
@ IN SOA ns1.argus.com. admin.argus.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
; 定义 DNS 服务器
@ IN NS ns1.argus.com.
; 定义 ns1 主机
ns1 IN A 127.0.0.1
; 定义 web 指向 12.4.5.6
web IN A 22.4.5.6
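Review bot: The comment above the last record says web points to 12.4.5.6, but the record itself is `web IN A 22.4.5.6`; one of the two is wrong and should be corrected. This copy also keeps `2 ; Serial` although its data differs from the other `db.argus.com` in the commit. If the two files are meant to be successive versions of one zone, the serial has to increase, otherwise secondaries and `rndc reload` will treat the zone as unchanged.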


@ -0,0 +1,4 @@
zone "argus.com" {
type master;
file "/etc/bind/db.argus.com";
};


@ -0,0 +1,27 @@
#!/bin/bash
echo "Reloading BIND9 configuration..."
# Check if configuration files are valid
echo "Checking named.conf.local syntax..."
if ! named-checkconf /etc/bind/named.conf.local; then
echo "ERROR: named.conf.local has syntax errors!"
exit 1
fi
echo "Checking zone file syntax..."
if ! named-checkzone argus.com /etc/bind/db.argus.com; then
echo "ERROR: db.argus.com has syntax errors!"
exit 1
fi
# Reload BIND9 via supervisor
echo "Reloading BIND9 service..."
supervisorctl restart bind9
if [ $? -eq 0 ]; then
echo "BIND9 reloaded successfully!"
else
echo "ERROR: Failed to reload BIND9!"
exit 1
fi
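Review bot: The script announces a reload, but `supervisorctl restart bind9` stops and starts named, leaving port 53 unanswered for a moment; if `rndc` is usable in the image, `rndc reload` applies the new zone without that gap. `named-checkconf /etc/bind/named.conf.local` validates only that fragment, whereas `named-checkconf` with no argument checks the full configuration named will load. The status test reads better as `if supervisorctl restart bind9; then` than as a separate `[ $? -eq 0 ]`, and the three `ERROR:` messages belong on stderr (`>&2`).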

29
src/bind/build/startup.sh Normal file

@ -0,0 +1,29 @@
#!/bin/bash
# Set /private permissions to 777 as requested
chmod 777 /private 2>/dev/null || true
# Create persistent directory for BIND9 configs
mkdir -p /private/argus/bind
# Copy configuration files to persistent storage if they don't exist
if [ ! -f /private/argus/bind/named.conf.local ]; then
cp /etc/bind/named.conf.local /private/argus/bind/named.conf.local
fi
if [ ! -f /private/argus/bind/db.argus.com ]; then
cp /etc/bind/db.argus.com /private/argus/bind/db.argus.com
fi
# Create symlinks to use persistent configs
ln -sf /private/argus/bind/named.conf.local /etc/bind/named.conf.local
ln -sf /private/argus/bind/db.argus.com /etc/bind/db.argus.com
# Set proper ownership
chown bind:bind /private/argus/bind/named.conf.local /private/argus/bind/db.argus.com
# Create supervisor log directory
mkdir -p /var/log/supervisor
# Start supervisor
exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf
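Review bot: `chmod 777 /private` makes the mount that holds the live DNS configuration writable by every user that can reach it, and named then serves whatever is found under `/private/argus/bind/`. The script should leave the mode of `/private` alone (or use a narrower one) and restrict the config directory itself, e.g. `chown root:bind /private/argus/bind && chmod 750 /private/argus/bind`. The root-run `chown bind:bind` follows symlinks, so each path should first be confirmed as a regular file with `[ -f "$f" ] && [ ! -L "$f" ]`. The `2>/dev/null || true` hides a failed chmod, and without `set -e` a failed `cp` or `ln` still ends in starting supervisord with a half-prepared configuration.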


@ -0,0 +1,24 @@
[unix_http_server]
file=/var/run/supervisor.sock
chmod=0700
[supervisord]
nodaemon=true
user=root
logfile=/var/log/supervisor/supervisord.log
pidfile=/var/run/supervisord.pid
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:///var/run/supervisor.sock
[program:bind9]
command=/usr/sbin/named -g -c /etc/bind/named.conf -u bind
user=bind
autostart=true
autorestart=true
stderr_logfile=/var/log/supervisor/bind9.err.log
stdout_logfile=/var/log/supervisor/bind9.out.log
priority=10
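Review bot: The `[program:bind9]` section drops privileges twice: `user=bind` makes supervisord start named as bind, and `-u bind` in `command=` asks named to switch to bind again. With `user=bind`, named never runs as root, so binding port 53 depends on the container runtime permitting unprivileged low ports, which nothing in this commit configures. Removing `user=bind` and keeping `-u bind` lets named open the port and then drop privileges itself. Whichever is chosen, a comment in the section should say which mechanism is intended.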


@ -0,0 +1,74 @@
#!/bin/bash
# Build BIND DNS container image
# Usage: ./build_images.sh [--intranet]
set -e
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
BUILD_DIR="$PROJECT_ROOT/build"
IMAGE_NAME="argus-bind9"
TAG="latest"
# Parse command line arguments
USE_INTRANET=false
while [[ $# -gt 0 ]]; do
case $1 in
--intranet)
USE_INTRANET=true
shift
;;
*)
echo "Unknown option: $1"
echo "Usage: $0 [--intranet]"
exit 1
;;
esac
done
echo "Building BIND9 DNS container image..."
echo "Image: $IMAGE_NAME:$TAG"
echo "Build directory: $BUILD_DIR"
# Check if build directory exists
if [ ! -d "$BUILD_DIR" ]; then
echo "Error: Build directory not found: $BUILD_DIR"
exit 1
fi
# Check if Dockerfile exists
if [ ! -f "$BUILD_DIR/Dockerfile" ]; then
echo "Error: Dockerfile not found: $BUILD_DIR/Dockerfile"
exit 1
fi
cd "$BUILD_DIR"
if [ "$USE_INTRANET" = true ]; then
echo "Building with intranet apt source (10.68.64.1)..."
# Create temporary Dockerfile with intranet apt source
cp Dockerfile Dockerfile.tmp
# Insert intranet apt configuration after the FROM line
sed -i '/^FROM ubuntu:22.04/a\\n# Configure intranet apt source\nRUN echo "deb [trusted=yes] http://10.68.64.1/ubuntu2204/ jammy main" > /etc/apt/sources.list && \\\n mkdir -p /etc/apt/apt.conf.d && \\\n echo "Acquire::https::Verify-Peer \"false\";" > /etc/apt/apt.conf.d/99-disable-ssl-verify && \\\n echo "Acquire::https::Verify-Host \"false\";" >> /etc/apt/apt.conf.d/99-disable-ssl-verify' Dockerfile.tmp
# Build with modified Dockerfile
docker build -f Dockerfile.tmp -t "$IMAGE_NAME:$TAG" .
# Clean up temporary file
rm -f Dockerfile.tmp
else
echo "Building with default public apt sources..."
docker build -t "$IMAGE_NAME:$TAG" .
fi
echo "Build completed successfully!"
echo "Image: $IMAGE_NAME:$TAG"
# Show image info
echo ""
echo "Image details:"
docker images "$IMAGE_NAME:$TAG"
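Review bot: In the `--intranet` branch the injected `deb [trusted=yes] http://10.68.64.1/ubuntu2204/ jammy main` line turns off apt signature checking for a plain-HTTP source, so every package installed into the image is unauthenticated; the `99-disable-ssl-verify` file additionally switches off TLS certificate checks and stays in the final image. The mirror's signing key should be copied in and referenced with `[signed-by=/usr/share/keyrings/<mirror-keyring>.gpg]` (placeholder path) instead of `trusted=yes`, and the two `Acquire::https::Verify-*` lines dropped, since the source is not HTTPS anyway. `Dockerfile.tmp` is left behind when `docker build` fails under `set -e`; `trap 'rm -f Dockerfile.tmp' EXIT` right after the `cp` covers that. The `sed` address hard-codes `FROM ubuntu:22.04`, so a change of base image would silently skip the insertion and build from public sources.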

46
src/bind/scripts/save_images.sh Executable file

@ -0,0 +1,46 @@
#!/bin/bash
# Save BIND DNS container images to tar files
# Usage: ./save_images.sh
set -e
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
IMAGES_DIR="$PROJECT_ROOT/images"
IMAGE_NAME="argus-bind9"
TAG="latest"
echo "Saving BIND9 DNS container images..."
# Create images directory if it doesn't exist
mkdir -p "$IMAGES_DIR"
# Check if image exists
if ! docker images --format "{{.Repository}}:{{.Tag}}" | grep -q "^$IMAGE_NAME:$TAG$"; then
echo "Error: Image $IMAGE_NAME:$TAG not found"
echo "Please build the image first using: ./build_images.sh"
exit 1
fi
# Save the image
echo "Saving $IMAGE_NAME:$TAG to $IMAGES_DIR/argus-bind9.tar..."
docker save "$IMAGE_NAME:$TAG" -o "$IMAGES_DIR/argus-bind9.tar"
# Compress the tar file to save space
echo "Compressing image archive..."
gzip -f "$IMAGES_DIR/argus-bind9.tar"
echo "Image saved successfully!"
echo "Location: $IMAGES_DIR/argus-bind9.tar.gz"
# Show file size
if [ -f "$IMAGES_DIR/argus-bind9.tar.gz" ]; then
echo "File size: $(du -h "$IMAGES_DIR/argus-bind9.tar.gz" | cut -f1)"
fi
echo ""
echo "To load the image later, use:"
echo " gunzip $IMAGES_DIR/argus-bind9.tar.gz"
echo " docker load -i $IMAGES_DIR/argus-bind9.tar"
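Review bot: The archive is written without any integrity record, so whoever later runs `docker load` cannot tell whether the file is the one this script produced. Running `sha256sum argus-bind9.tar.gz > argus-bind9.tar.gz.sha256` inside `$IMAGES_DIR` after the `gzip` step gives them something to verify. The existence check can be `docker image inspect "$IMAGE_NAME:$TAG" >/dev/null 2>&1`, which avoids listing every image and interpolating the name into a `grep` pattern. The two hint lines at the end print `$IMAGES_DIR` unquoted inside the suggested commands, which yields a broken command when the path contains spaces.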