feat(docker): use official isc/bind as base image

jon-nfc · jon-nfc · commit 90616546627e · 2026-01-06T19:38:43.000+09:30
ref: #33 closes #36
diff --git a/dockerfile b/dockerfile
@@ -1,24 +1,8 @@
 
-ARG VERSION_BIND="9.20.17-r0"
-ARG VERSION_ALPINE="3.23.2"
+ARG VERSION_BIND="9.21"
 
-FROM alpine:${VERSION_ALPINE}
 
-
-ARG VERSION_BIND
-
-
-RUN \
-  apk upgrade --no-cache; \
-  apk add --no-cache \
-    bind==${VERSION_BIND} \
-    supervisor; \
-  rm -f \
-    /etc/bind/named.conf.authoritative \
-    /etc/bind/named.conf.recursive \
-    /etc/bind/rndc.key \
-    /var/bind/pri/127.zone \
-    /var/bind/pri/localhost.zone;
+FROM internetsystemsconsortium/bind9:${VERSION_BIND}
 
 
 EXPOSE \
@@ -27,30 +11,16 @@ EXPOSE \
   # Others required? dnssec, secure updates, sone transfers DOT etc
 
 
-HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD \
-  supervisorctl status || exit 1
-
-
 COPY includes/ /
 
 
 RUN \
-  chown named:named -R /etc/bind; \
+  chown bind:bind -R /etc/bind; \
   chmod 5771 /etc/bind;
 
 
-VOLUME includes/etc/bind/conf.d/external
+VOLUME /etc/bind
 
-VOLUME includes/etc/bind/conf.d/internal
-
-VOLUME /var/bind/dyn
-
-VOLUME /var/bind/pri
-
-VOLUME /var/bind/sec
+VOLUME /var/bind
 
 VOLUME /var/log
-
-
-CMD [ "/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf" ]
-# CMD ["named", "-c", "/etc/bind/named.conf", "-g", "-u", "named"]
diff --git a/includes/etc/bind/conf.d/internal/root.zone.conf b/includes/etc/bind/conf.d/internal/root.zone.conf
@@ -1,4 +1,4 @@
 zone "." IN {
 	type hint;
-	file "named.ca";
+	file "pri/internal/root-hints.zone";
 };
diff --git a/includes/etc/bind/conf.d/options.conf b/includes/etc/bind/conf.d/options.conf
@@ -4,8 +4,8 @@ options {
 
     version "unknown";
 
-    listen-on { 127.0.0.1; };
-    listen-on-v6 { none; };
+	listen-on { any; };
+    listen-on-v6 { any; };
 
     allow-transfer { none; };
 
diff --git a/includes/var/bind/pri/internal/root-hints.zone b/includes/var/bind/pri/internal/root-hints.zone
@@ -0,0 +1,92 @@
+;       This file holds the information on root name servers needed to 
+;       initialize cache of Internet domain name servers
+;       (e.g. reference this file in the "cache  .  <file>"
+;       configuration file of BIND domain name servers). 
+; 
+;       This file is made available by InterNIC 
+;       under anonymous FTP as
+;           file                /domain/named.cache 
+;           on server           FTP.INTERNIC.NET
+;       -OR-                    RS.INTERNIC.NET
+;
+;       last update:     February 15, 2024
+;       related version of root zone:     2024021501
+; 
+; FORMERLY NS.INTERNIC.NET 
+;
+.                        3600000      NS    A.ROOT-SERVERS.NET.
+A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
+A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:ba3e::2:30
+; 
+; FORMERLY NS1.ISI.EDU 
+;
+.                        3600000      NS    B.ROOT-SERVERS.NET.
+B.ROOT-SERVERS.NET.      3600000      A     170.247.170.2
+B.ROOT-SERVERS.NET.      3600000      AAAA  2801:1b8:10::b
+; 
+; FORMERLY C.PSI.NET 
+;
+.                        3600000      NS    C.ROOT-SERVERS.NET.
+C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
+C.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2::c
+; 
+; FORMERLY TERP.UMD.EDU 
+;
+.                        3600000      NS    D.ROOT-SERVERS.NET.
+D.ROOT-SERVERS.NET.      3600000      A     199.7.91.13
+D.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2d::d
+; 
+; FORMERLY NS.NASA.GOV
+;
+.                        3600000      NS    E.ROOT-SERVERS.NET.
+E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
+E.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:a8::e
+; 
+; FORMERLY NS.ISC.ORG
+;
+.                        3600000      NS    F.ROOT-SERVERS.NET.
+F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
+F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2f::f
+; 
+; FORMERLY NS.NIC.DDN.MIL
+;
+.                        3600000      NS    G.ROOT-SERVERS.NET.
+G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
+G.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:12::d0d
+; 
+; FORMERLY AOS.ARL.ARMY.MIL
+;
+.                        3600000      NS    H.ROOT-SERVERS.NET.
+H.ROOT-SERVERS.NET.      3600000      A     198.97.190.53
+H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::53
+; 
+; FORMERLY NIC.NORDU.NET
+;
+.                        3600000      NS    I.ROOT-SERVERS.NET.
+I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
+I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fe::53
+; 
+; OPERATED BY VERISIGN, INC.
+;
+.                        3600000      NS    J.ROOT-SERVERS.NET.
+J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
+J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:c27::2:30
+; 
+; OPERATED BY RIPE NCC
+;
+.                        3600000      NS    K.ROOT-SERVERS.NET.
+K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
+K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fd::1
+; 
+; OPERATED BY ICANN
+;
+.                        3600000      NS    L.ROOT-SERVERS.NET.
+L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42
+L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:9f::42
+; 
+; OPERATED BY WIDE
+;
+.                        3600000      NS    M.ROOT-SERVERS.NET.
+M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
+M.ROOT-SERVERS.NET.      3600000      AAAA  2001:dc3::35
+; End of file
