initial

.gitlab-ci.yml

@@ -0,0 +1,36 @@
+stages:
+    - check
+    - build
+    - deploy
+
+include:
+    - project: dockerized/commons
+      ref: master
+      file: gitlab-ci-template.yml
+
+deploy:
+    image: registry.hottis.de/dockerized/docker-bash:latest
+    stage: deploy
+    tags:
+        - hottis
+        - linux
+        - docker
+    only:
+        - tags
+    variables:
+        GIT_STRATEGY: none
+        CONTAINER_NAME: unbound
+    script:
+        - docker stop $CONTAINER_NAME || echo "container not running, never mind"
+        - docker rm $CONTAINER_NAME || echo "container not existing, never mind"
+        - docker run 
+          -d 
+          --network docker-server 
+          --ip 172.16.10.43 
+          -v sink_config:/etc/sink 
+          --name $CONTAINER_NAME 
+          --restart always 
+          $IMAGE_NAME:$CI_COMMIT_TAG
+    environment:
+        name: production
+

Dockerfile

@@ -0,0 +1,18 @@
+FROM alpine:3.13
+
+RUN \
+  apk add --no-cache unbound && \
+  mv /etc/unbound/unbound.conf /etc/unbound/unbound.conf-dist
+
+COPY unbound.conf /etc/unbound/unbound.conf
+
+EXPOSE 53/udp
+
+VOLUME /etc/unbound
+
+CMD [ "/usr/sbin/unbound" ]
+
+  
+
+
+

unbound.conf

@@ -0,0 +1,37 @@
+server:
+    interface: 0.0.0.0
+    do-ip4: yes
+    do-ip6: no
+
+    do-daemonize: no
+
+    verbosity: 1
+    logfile: ""
+    log-time-ascii: yes
+    log-queries: yes
+    log-replies: yes
+
+    access-control: 172.16.0.0/16 allow
+    access-control: 10.200.200.0/24 allow
+    access-control: 172.17.0.0/16 allow
+
+    local-zone: "nober.de." transparent
+        local-data: "base.hv.nober.de. IN A 192.0.2.51"
+        local-data: "api.hv.nober.de. IN A 192.0.2.51"
+
+    local-zone: "hottis.de." transparent
+        local-data: "authservice.hottis.de. IN A 172.16.10.41"
+        local-data: "bitwarden.hottis.de. IN A 172.16.10.41"
+        local-data: "smarthome.hottis.de. IN A 172.16.10.41"
+        local-data: "registry.hottis.de. IN A 172.16.10.41"
+        local-data: "home.hottis.de. IN A 172.16.1.11"
+        local-data: "repo.hottis.de. IN A 172.16.1.11"
+        local-data: "sink.hottis.de. IN A 172.16.10.42"
+        local-data: "brkrint.hottis.de. IN A 172.16.2.16"
+
+    local-zone: "mainscnt.eu." transparent
+        local-data: "grafana.mainscnt.eu. IN A 172.16.10.41"
+        local-data: "wiki.mainscnt.eu. IN A 172.16.10.41"
+        local-data: "broker.mainscnt.eu. IN A 172.16.10.40"
+        local-data: "db.mainscnt.eu. IN A 172.16.10.27"
+