{"id":13587883,"url":"https://github.com/MatthewVance/stubby-docker","last_synced_at":"2025-04-08T02:34:10.704Z","repository":{"id":31906912,"uuid":"130779760","full_name":"MatthewVance/stubby-docker","owner":"MatthewVance","description":"Run Stubby without losing the performance benefits of having a local caching DNS resolver.","archived":false,"fork":false,"pushed_at":"2022-07-13T02:45:32.000Z","size":75,"stargazers_count":89,"open_issues_count":4,"forks_count":27,"subscribers_count":6,"default_branch":"master","last_synced_at":"2024-04-29T19:08:13.126Z","etag":null,"topics":["dns","dns-over-tls","docker","unbound"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MatthewVance.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-04-24T01:42:36.000Z","updated_at":"2024-03-30T17:07:18.000Z","dependencies_parsed_at":"2022-07-13T12:50:29.474Z","dependency_job_id":null,"html_url":"https://github.com/MatthewVance/stubby-docker","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatthewVance%2Fstubby-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatthewVance%2Fstubby-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatthewVance%2Fstubby-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatthewVance%2Fstubby-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MatthewVance","download_url":"https://codeload.github.com/MatthewVance/stubby-docker/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223300583,"owners_count":17122647,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dns","dns-over-tls","docker","unbound"],"created_at":"2024-08-01T15:06:24.436Z","updated_at":"2024-11-06T07:30:32.921Z","avatar_url":"https://github.com/MatthewVance.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"# Unbound and Stubby Docker Images\n\n## What does this do?\n\nThis allows you to run Stubby without losing the performance benefits of having a local caching DNS resolver. Historically, Stubby had better DNS over TLS support than Unbound. \n\nTo achieve this, this setup uses two containers, one running Stubby and another running Unbound. Unbound exposes DNS over port 53 and forwards requests not in its cache to the Stubby container on port 8053 (not publically exposed). Stubby then performs DNS resolution over TLS. By default, this is configured to use Cloudflare DNS. \n\n## How to use\n\n### Building\n\n`sudo docker build -t mvance/stubby:latest .`\n\n`sudo docker build -t mvance/unbound:1.13.1-stubby .`\n\n### Standard usage\n\nRun these containers with the following command:\n\n```console\ndocker-compose up -d\n```\n\nNext, point your DNS to the IP of your Docker host running the Unbound container.\n\n### Serve Custom DNS Records for Local Network\n\nWhile Unbound is not a full authoritative name server, it supports resolving\ncustom entries on a small, private LAN. In other words, you can use Unbound to\nresolve fake names such as your-computer.local within your LAN.\n\nTo support such custom entries using this image, you need to update the provided\n[a-records.conf](https://github.com/MatthewVance/stubby-docker/blob/master/unbound/a-records.conf) file. This conf file is where you will define your custom entries for forward and reverse resolution.\n\nThe `a-records.conf` file should use the following format:\n\n```\n# A Record\n  #local-data: \"somecomputer.local. A 192.168.1.1\"\n  local-data: “laptop.local. A 192.168.1.2”\n\n# PTR Record\n  #local-data-ptr: \"192.168.1.1 somecomputer.local.\"\n  local-data-ptr: \"192.168.1.2 laptop.local.\"\n```\n\n### Use a customized Unbound configuration\nInstead of using this image's default Unbound configuration, you may supply your own unbound.conf. See my [unbound-docker README](https://github.com/MatthewVance/unbound-docker/blob/master/README.md#use-a-customized-unbound-configuration) for further details. Note, you will likely want to apply the concepts from those directions via [docker-compose.yml](https://github.com/MatthewVance/stubby-docker/blob/master/stubby/stubby.yml).\n\n## Issues\n\nIf you have any problems with or questions about this image, please contact me through a [GitHub issue](https://github.com/MatthewVance/stubby-docker/issues).\n\n## Contributing\n\nYou are invited to contribute new features, fixes, or updates, large or small. I imagine the upstream projects would be equally pleased to receive your contributions.\n\nPlease familiarize yourself with the [repository's `README.md` file](https://github.com/MatthewVance/stubby-docker/blob/master/README.md) before attempting a pull request.\n\nBefore you start to code, I recommend discussing your plans through a [GitHub issue](https://github.com/MatthewVance/stubby-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.\n\n## Acknowledgments\n\nThese deserve credit for making this all possible.\n\n- [Docker](https://www.docker.com/)\n- [DNSCrypt server Docker image](https://github.com/jedisct1/dnscrypt-server-docker)\n- [Docker](https://www.docker.com/)\n- [Filippo Valsorda's Gist](https://gist.github.com/FiloSottile/2b171d359232114839358a74f7df33cb)\n- [Franksn's Reddit post](https://www.reddit.com/r/pihole/comments/7oyh9m/guide_how_to_use_pihole_with_stubby/)\n- [OpenSSL](http://www.libressl.org/)\n- [Unbound](https://www.unbound.net/)\n\n## Licenses\n### License\n\nUnless otherwise specified, all code is released under the MIT License (MIT). See the [repository's `LICENSE` file](https://github.com/MatthewVance/stubby-docker/blob/master/LICENSE) for details.\n\n### Licenses for other components\n\n- DNSCrypt server Docker image: [ISC License](https://github.com/jedisct1/dnscrypt-server-docker/blob/master/LICENSE)\n- Docker: [Apache 2.0](https://github.com/docker/docker/blob/master/LICENSE)\n- OpenSSL: [Apache-style license](https://www.openssl.org/source/license.html)\n- Stubby: [BSD-3-Clause](https://github.com/getdnsapi/getdns/blob/develop/LICENSE) \n- Unbound: [BSD License](https://unbound.nlnetlabs.nl/svn/trunk/LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMatthewVance%2Fstubby-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FMatthewVance%2Fstubby-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMatthewVance%2Fstubby-docker/lists"}