2025-09-22 16:39:39 +08:00
11 changed files with 286 additions and 0 deletions
--- a/src/bind/.gitignore
+++ b/src/bind/.gitignore
@ -0,0 +1,2 @@
+
+images/
--- a/src/bind/build/Dockerfile
+++ b/src/bind/build/Dockerfile
@ -0,0 +1,44 @@
+FROM ubuntu:22.04
+
+# Set timezone and avoid interactive prompts
+ENV DEBIAN_FRONTEND=noninteractive
+ENV TZ=Asia/Shanghai
+
+# Update package list and install required packages
+RUN apt-get update && \
+    apt-get install -y \
+    bind9 \
+    bind9utils \
+    bind9-doc \
+    supervisor \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Create supervisor configuration directory
+RUN mkdir -p /etc/supervisor/conf.d
+
+# Copy supervisor configuration
+COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+
+# Copy BIND9 configuration files
+COPY named.conf.local /etc/bind/named.conf.local
+COPY db.argus.com /etc/bind/db.argus.com
+
+# Copy startup and reload scripts
+COPY startup.sh /usr/local/bin/startup.sh
+COPY reload-bind9.sh /usr/local/bin/reload-bind9.sh
+
+# Make scripts executable
+RUN chmod +x /usr/local/bin/startup.sh /usr/local/bin/reload-bind9.sh
+
+# Set proper ownership for BIND9 files
+RUN chown bind:bind /etc/bind/named.conf.local /etc/bind/db.argus.com
+
+# Expose DNS port
+EXPOSE 53/tcp 53/udp
+
+# Use root user as requested
+USER root
+
+# Start with startup script
+CMD ["/usr/local/bin/startup.sh"]
--- a/src/bind/build/db.argus.com
+++ b/src/bind/build/db.argus.com
@ -0,0 +1,16 @@
+$TTL    604800
+@       IN      SOA     ns1.argus.com. admin.argus.com. (
+                              2         ; Serial
+                         604800         ; Refresh
+                          86400         ; Retry
+                        2419200         ; Expire
+                         604800 )       ; Negative Cache TTL
+
+; 定义 DNS 服务器
+@       IN      NS      ns1.argus.com.
+
+; 定义 ns1 主机
+ns1     IN      A       127.0.0.1
+
+; 定义 web 指向 12.4.5.6
+web     IN      A       12.4.5.6
--- a/src/bind/build/named.conf.local
+++ b/src/bind/build/named.conf.local
@ -0,0 +1,4 @@
+zone "argus.com" {
+    type master;
+    file "/etc/bind/db.argus.com";
+};
--- a/src/bind/build/private/argus/bind/db.argus.com
+++ b/src/bind/build/private/argus/bind/db.argus.com
@ -0,0 +1,16 @@
+$TTL    604800
+@       IN      SOA     ns1.argus.com. admin.argus.com. (
+                              2         ; Serial
+                         604800         ; Refresh
+                          86400         ; Retry
+                        2419200         ; Expire
+                         604800 )       ; Negative Cache TTL
+
+; 定义 DNS 服务器
+@       IN      NS      ns1.argus.com.
+
+; 定义 ns1 主机
+ns1     IN      A       127.0.0.1
+
+; 定义 web 指向 12.4.5.6
+web     IN      A       22.4.5.6
--- a/src/bind/build/private/argus/bind/named.conf.local
+++ b/src/bind/build/private/argus/bind/named.conf.local
@ -0,0 +1,4 @@
+zone "argus.com" {
+    type master;
+    file "/etc/bind/db.argus.com";
+};
--- a/src/bind/build/reload-bind9.sh
+++ b/src/bind/build/reload-bind9.sh
@ -0,0 +1,27 @@
+#!/bin/bash
+
+echo "Reloading BIND9 configuration..."
+
+# Check if configuration files are valid
+echo "Checking named.conf.local syntax..."
+if ! named-checkconf /etc/bind/named.conf.local; then
+    echo "ERROR: named.conf.local has syntax errors!"
+    exit 1
+fi
+
+echo "Checking zone file syntax..."
+if ! named-checkzone argus.com /etc/bind/db.argus.com; then
+    echo "ERROR: db.argus.com has syntax errors!"
+    exit 1
+fi
+
+# Reload BIND9 via supervisor
+echo "Reloading BIND9 service..."
+supervisorctl restart bind9
+
+if [ $? -eq 0 ]; then
+    echo "BIND9 reloaded successfully!"
+else
+    echo "ERROR: Failed to reload BIND9!"
+    exit 1
+fi
--- a/src/bind/build/startup.sh
+++ b/src/bind/build/startup.sh
@ -0,0 +1,29 @@
+#!/bin/bash
+
+# Set /private permissions to 777 as requested
+chmod 777 /private 2>/dev/null || true
+
+# Create persistent directory for BIND9 configs
+mkdir -p /private/argus/bind
+
+# Copy configuration files to persistent storage if they don't exist
+if [ ! -f /private/argus/bind/named.conf.local ]; then
+    cp /etc/bind/named.conf.local /private/argus/bind/named.conf.local
+fi
+
+if [ ! -f /private/argus/bind/db.argus.com ]; then
+    cp /etc/bind/db.argus.com /private/argus/bind/db.argus.com
+fi
+
+# Create symlinks to use persistent configs
+ln -sf /private/argus/bind/named.conf.local /etc/bind/named.conf.local
+ln -sf /private/argus/bind/db.argus.com /etc/bind/db.argus.com
+
+# Set proper ownership
+chown bind:bind /private/argus/bind/named.conf.local /private/argus/bind/db.argus.com
+
+# Create supervisor log directory
+mkdir -p /var/log/supervisor
+
+# Start supervisor
+exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf
--- a/src/bind/build/supervisord.conf
+++ b/src/bind/build/supervisord.conf
@ -0,0 +1,24 @@
+[unix_http_server]
+file=/var/run/supervisor.sock
+chmod=0700
+
+[supervisord]
+nodaemon=true
+user=root
+logfile=/var/log/supervisor/supervisord.log
+pidfile=/var/run/supervisord.pid
+
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl=unix:///var/run/supervisor.sock
+
+[program:bind9]
+command=/usr/sbin/named -g -c /etc/bind/named.conf -u bind
+user=bind
+autostart=true
+autorestart=true
+stderr_logfile=/var/log/supervisor/bind9.err.log
+stdout_logfile=/var/log/supervisor/bind9.out.log
+priority=10
--- a/src/bind/scripts/build_images.sh
+++ b/src/bind/scripts/build_images.sh
@ -0,0 +1,74 @@
+#!/bin/bash
+
+# Build BIND DNS container image
+# Usage: ./build_images.sh [--intranet]
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
+BUILD_DIR="$PROJECT_ROOT/build"
+
+IMAGE_NAME="argus-bind9"
+TAG="latest"
+
+# Parse command line arguments
+USE_INTRANET=false
+while [[ $# -gt 0 ]]; do
+    case $1 in
+        --intranet)
+            USE_INTRANET=true
+            shift
+            ;;
+        *)
+            echo "Unknown option: $1"
+            echo "Usage: $0 [--intranet]"
+            exit 1
+            ;;
+    esac
+done
+
+echo "Building BIND9 DNS container image..."
+echo "Image: $IMAGE_NAME:$TAG"
+echo "Build directory: $BUILD_DIR"
+
+# Check if build directory exists
+if [ ! -d "$BUILD_DIR" ]; then
+    echo "Error: Build directory not found: $BUILD_DIR"
+    exit 1
+fi
+
+# Check if Dockerfile exists
+if [ ! -f "$BUILD_DIR/Dockerfile" ]; then
+    echo "Error: Dockerfile not found: $BUILD_DIR/Dockerfile"
+    exit 1
+fi
+
+cd "$BUILD_DIR"
+
+if [ "$USE_INTRANET" = true ]; then
+    echo "Building with intranet apt source (10.68.64.1)..."
+
+    # Create temporary Dockerfile with intranet apt source
+    cp Dockerfile Dockerfile.tmp
+
+    # Insert intranet apt configuration after the FROM line
+    sed -i '/^FROM ubuntu:22.04/a\\n# Configure intranet apt source\nRUN echo "deb [trusted=yes] http://10.68.64.1/ubuntu2204/ jammy main" > /etc/apt/sources.list && \\\n    mkdir -p /etc/apt/apt.conf.d && \\\n    echo "Acquire::https::Verify-Peer \"false\";" > /etc/apt/apt.conf.d/99-disable-ssl-verify && \\\n    echo "Acquire::https::Verify-Host \"false\";" >> /etc/apt/apt.conf.d/99-disable-ssl-verify' Dockerfile.tmp
+
+    # Build with modified Dockerfile
+    docker build -f Dockerfile.tmp -t "$IMAGE_NAME:$TAG" .
+
+    # Clean up temporary file
+    rm -f Dockerfile.tmp
+else
+    echo "Building with default public apt sources..."
+    docker build -t "$IMAGE_NAME:$TAG" .
+fi
+
+echo "Build completed successfully!"
+echo "Image: $IMAGE_NAME:$TAG"
+
+# Show image info
+echo ""
+echo "Image details:"
+docker images "$IMAGE_NAME:$TAG"
--- a/src/bind/scripts/save_images.sh
+++ b/src/bind/scripts/save_images.sh
@ -0,0 +1,46 @@
+#!/bin/bash
+
+# Save BIND DNS container images to tar files
+# Usage: ./save_images.sh
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
+IMAGES_DIR="$PROJECT_ROOT/images"
+
+IMAGE_NAME="argus-bind9"
+TAG="latest"
+
+echo "Saving BIND9 DNS container images..."
+
+# Create images directory if it doesn't exist
+mkdir -p "$IMAGES_DIR"
+
+# Check if image exists
+if ! docker images --format "{{.Repository}}:{{.Tag}}" | grep -q "^$IMAGE_NAME:$TAG$"; then
+    echo "Error: Image $IMAGE_NAME:$TAG not found"
+    echo "Please build the image first using: ./build_images.sh"
+    exit 1
+fi
+
+# Save the image
+echo "Saving $IMAGE_NAME:$TAG to $IMAGES_DIR/argus-bind9.tar..."
+docker save "$IMAGE_NAME:$TAG" -o "$IMAGES_DIR/argus-bind9.tar"
+
+# Compress the tar file to save space
+echo "Compressing image archive..."
+gzip -f "$IMAGES_DIR/argus-bind9.tar"
+
+echo "Image saved successfully!"
+echo "Location: $IMAGES_DIR/argus-bind9.tar.gz"
+
+# Show file size
+if [ -f "$IMAGES_DIR/argus-bind9.tar.gz" ]; then
+    echo "File size: $(du -h "$IMAGES_DIR/argus-bind9.tar.gz" | cut -f1)"
+fi
+
+echo ""
+echo "To load the image later, use:"
+echo "  gunzip $IMAGES_DIR/argus-bind9.tar.gz"
+echo "  docker load -i $IMAGES_DIR/argus-bind9.tar"