Technitium adalah sebuah sistem atau aplikasi DNS dengan GUI yang mudah digunakan dan mempunyai berbagai fitur keamanan.
DNS merupakan sebuah sistem yang menghubungkan nama domain pada Uniform Resource Locator atau URL dengan Internet Protocol Address atau IP Address. Kepanjangan dari DNS adalah Domain Name System.
Dalam sejarah domain tercatat, awalnya Anda perlu mengetikkan IP Address untuk mengakses sebuah website. Cara ini cukup merepotkan. Sebab, ini artinya, Anda perlu punya daftar lengkap IP Address website yang dikunjungi dan memasukkannya secara manual.
DNS adalah sistem yang meringkas pekerjaan ini untuk Anda. Kini, Anda tinggal mengingat nama domain dan memasukkannya dalam address bar. DNS kemudian akan menerjemahkan domain tersebut ke dalam IP Address yang komputer pahami.
Misalkan, Anda ingin mengakses Google. Alih-alih menulis 172.217.0.142 ke dalam address bar, Anda tinggal memasukkan alamat Google.com.
root@masadmin:~# mkdir -p /data/docker/technitium root@masadmin:~# root@masadmin:~# cd /data/docker/technitium root@masadmin:/data/docker/technitium# root@masadmin:/data/docker/technitium# mkdir config logs ssl root@masadmin:/data/docker/technitium# root@masadmin:/data/docker/technitium# ls -l total 12 drwxr-xr-x 2 root root 4096 Jul 8 04:51 config drwxr-xr-x 2 root root 4096 Jul 8 04:51 logs drwxr-xr-x 2 root root 4096 Jul 8 04:51 ssl root@masadmin:/data/docker/technitium#
root@masadmin:/data/docker/technitium# nano docker-compose.yml
root@masadmin:/data/docker/technitium#
root@masadmin:/data/docker/technitium# cat docker-compose.yml
version: "3"
services:
  dns-server:
    container_name: dns-server
    hostname: dns-server
    # NOTE(review): "latest" is a mutable tag, so a later pull can silently change the code
    # that answers DNS for the network. Pinning a release tag or the image digest keeps the
    # deployed image equal to the one that was reviewed.
    image: technitium/dns-server:latest
    # For DHCP deployments, use "host" network mode and remove all the port mappings, including the ports array by commenting them
    # network_mode: "host"
    ports:
      # NOTE(review): this publishes the admin console over plain HTTP on every host
      # interface, so the admin password and session travel unencrypted. Binding it to a
      # management address ("127.0.0.1:5380:5380/tcp") or enabling the HTTPS console
      # options further down limits that exposure.
      - "5380:5380/tcp" #DNS web console (HTTP)
      # - "53443:53443/tcp" #DNS web console (HTTPS)
      # NOTE(review): port 53 is likewise published on every interface. If the host is
      # reachable from the Internet, restrict who can query it (host firewall plus the
      # recursion settings below) so it does not become an open resolver. Depending on how
      # Docker forwards the traffic, clients can appear to the container with the bridge
      # gateway's private address — verify that recursion ACLs see real client IPs.
      - "53:53/udp" #DNS service
      - "53:53/tcp" #DNS service
      # - "853:853/udp" #DNS-over-QUIC service
      # - "853:853/tcp" #DNS-over-TLS service
      # - "443:443/udp" #DNS-over-HTTPS service (HTTP/3)
      # - "443:443/tcp" #DNS-over-HTTPS service (HTTP/1.1, HTTP/2)
      # - "80:80/tcp" #DNS-over-HTTP service (use with reverse proxy or certbot certificate renewal)
      # - "8053:8053/tcp" #DNS-over-HTTP service (use with reverse proxy)
      # - "67:67/udp" #DHCP service
    environment:
      - DNS_SERVER_DOMAIN=dns-server #The primary domain name used by this DNS Server to identify itself.
      # NOTE(review): both password variables are left commented out, so the console
      # presumably starts with the vendor's default admin credentials — change them before
      # the console port is reachable by anyone else. Prefer the *_PASSWORD_FILE variant
      # with a tightly-permissioned file: an inline value stays readable in this file and
      # in `docker inspect` output.
      # - DNS_SERVER_ADMIN_PASSWORD=password #DNS web console admin user password.
      # - DNS_SERVER_ADMIN_PASSWORD_FILE=password.txt #The path to a file that contains a plain text password for the DNS web console admin user.
      # - DNS_SERVER_PREFER_IPV6=false #DNS Server will use IPv6 for querying whenever possible with this option enabled.
      # - DNS_SERVER_WEB_SERVICE_HTTP_PORT=5380 #The TCP port number for the DNS web console over HTTP protocol.
      # - DNS_SERVER_WEB_SERVICE_HTTPS_PORT=53443 #The TCP port number for the DNS web console over HTTPS protocol.
      # - DNS_SERVER_WEB_SERVICE_ENABLE_HTTPS=false #Enables HTTPS for the DNS web console.
      # - DNS_SERVER_WEB_SERVICE_USE_SELF_SIGNED_CERT=false #Enables self signed TLS certificate for the DNS web console.
      # - DNS_SERVER_OPTIONAL_PROTOCOL_DNS_OVER_HTTP=false #Enables DNS server optional protocol DNS-over-HTTP on TCP port 8053 to be used with a TLS terminating reverse proxy like nginx.
      # NOTE(review): the recursion policy is not set here, so whatever the server defaults
      # to applies — confirm it after first start rather than assuming it is restricted.
      # - DNS_SERVER_RECURSION=AllowOnlyForPrivateNetworks #Recursion options: Allow, Deny, AllowOnlyForPrivateNetworks, UseSpecifiedNetworks.
      # - DNS_SERVER_RECURSION_DENIED_NETWORKS=1.1.1.0/24 #Comma separated list of IP addresses or network addresses to deny recursion. Valid only for `UseSpecifiedNetworks` recursion option.
      # - DNS_SERVER_RECURSION_ALLOWED_NETWORKS=127.0.0.1, 192.168.1.0/24 #Comma separated list of IP addresses or network addresses to allow recursion. Valid only for `UseSpecifiedNetworks` recursion option.
      # - DNS_SERVER_ENABLE_BLOCKING=false #Sets the DNS server to block domain names using Blocked Zone and Block List Zone.
      # - DNS_SERVER_ALLOW_TXT_BLOCKING_REPORT=false #Specifies if the DNS Server should respond with TXT records containing a blocked domain report for TXT type requests.
      # - DNS_SERVER_BLOCK_LIST_URLS= #A comma separated list of block list URLs.
      # - DNS_SERVER_FORWARDERS=1.1.1.1, 8.8.8.8 #Comma separated list of forwarder addresses.
      # - DNS_SERVER_FORWARDER_PROTOCOL=Tcp #Forwarder protocol options: Udp, Tcp, Tls, Https, HttpsJson.
      # - DNS_SERVER_LOG_USING_LOCAL_TIME=true #Enable this option to use local time instead of UTC for logging.
    volumes:
      - ./config:/etc/dns
      # NOTE(review): this bind-mounts a host directory over the container's whole /etc/ssl.
      # If the image is Debian-based, that path holds the CA bundle (/etc/ssl/certs), so an
      # empty ./ssl may break certificate validation for TLS/HTTPS forwarders and HTTPS
      # block-list downloads — verify, or mount certificates at a dedicated path instead.
      - ./ssl:/etc/ssl
      # NOTE(review): confirm the server really writes its logs to /app/config/log; the
      # configuration directory is mounted at /etc/dns above.
      - ./logs:/app/config/log
    restart: unless-stopped
    sysctls:
      - net.ipv4.ip_local_port_range=1024 65000
# NOTE(review): the service above uses bind mounts only, so this named volume is declared
# but never referenced; Compose will still create it.
volumes:
  config:
root@masadmin:/data/docker/technitium#
# NOTE(review): the package installed here is docker-compose 1.29.2, the Python-based
# Compose v1, which no longer receives updates upstream; the maintained implementation is
# the Compose v2 plugin, invoked as `docker compose`. docker.io is listed only under
# "Recommended packages", so this transcript assumes a Docker engine is already present.
root@masadmin:~# sudo apt install docker-compose
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libflashrom1 libftdi1-2
Use 'sudo apt autoremove' to remove them.
The following additional packages will be installed:
  python3-docker python3-dockerpty python3-docopt python3-dotenv python3-texttable python3-websocket
Recommended packages:
  docker.io
The following NEW packages will be installed:
  docker-compose python3-docker python3-dockerpty python3-docopt python3-dotenv python3-texttable python3-websocket
0 upgraded, 7 newly installed, 0 to remove and 0 not upgraded.
Need to get 290 kB of archives.
After this operation, 1,545 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://id.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-websocket all 1.2.3-1 [34.7 kB]
Get:2 http://id.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-docker all 5.0.3-1 [89.3 kB]
Get:3 http://id.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-dockerpty all 0.4.1-2 [11.1 kB]
Get:4 http://id.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-docopt all 0.6.2-4 [26.9 kB]
Get:5 http://id.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-dotenv all 0.19.2-1 [20.5 kB]
Get:6 http://id.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-texttable all 1.6.4-1 [11.4 kB]
Get:7 http://id.archive.ubuntu.com/ubuntu jammy/universe amd64 docker-compose all 1.29.2-1 [95.8 kB]
Fetched 290 kB in 1s (324 kB/s)
Selecting previously unselected package python3-websocket.
(Reading database ... 109781 files and directories currently installed.)
Preparing to unpack .../0-python3-websocket_1.2.3-1_all.deb ...
Unpacking python3-websocket (1.2.3-1) ...
Selecting previously unselected package python3-docker.
Preparing to unpack .../1-python3-docker_5.0.3-1_all.deb ...
Unpacking python3-docker (5.0.3-1) ...
Selecting previously unselected package python3-dockerpty.
Preparing to unpack .../2-python3-dockerpty_0.4.1-2_all.deb ...
Unpacking python3-dockerpty (0.4.1-2) ...
Selecting previously unselected package python3-docopt.
Preparing to unpack .../3-python3-docopt_0.6.2-4_all.deb ...
Unpacking python3-docopt (0.6.2-4) ...
Selecting previously unselected package python3-dotenv.
Preparing to unpack .../4-python3-dotenv_0.19.2-1_all.deb ...
Unpacking python3-dotenv (0.19.2-1) ...
Selecting previously unselected package python3-texttable.
Preparing to unpack .../5-python3-texttable_1.6.4-1_all.deb ...
Unpacking python3-texttable (1.6.4-1) ...
Selecting previously unselected package docker-compose.
Preparing to unpack .../6-docker-compose_1.29.2-1_all.deb ...
Unpacking docker-compose (1.29.2-1) ...
Setting up python3-dotenv (0.19.2-1) ...
Setting up python3-texttable (1.6.4-1) ...
Setting up python3-docopt (0.6.2-4) ...
Setting up python3-websocket (1.2.3-1) ...
Setting up python3-dockerpty (0.4.1-2) ...
Setting up python3-docker (5.0.3-1) ...
Setting up docker-compose (1.29.2-1) ...
Processing triggers for man-db (2.10.2-1) ...
Scanning processes...
Scanning candidates...
Scanning linux images...
Restarting services...
Service restarts being deferred:
 /etc/needrestart/restart.d/dbus.service
 systemctl restart networkd-dispatcher.service
 systemctl restart systemd-logind.service
 systemctl restart unattended-upgrades.service
 systemctl restart [email protected]
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@masadmin:~#
# NOTE(review): the image is pulled by the mutable "latest" tag; the "Digest:" line in the
# output records what that tag resolved to at this moment. Referencing the image by that
# digest (image: technitium/dns-server@sha256:...) in docker-compose.yml makes later
# deployments pull exactly the same content.
# NOTE(review): 'Creating volume "technitium_config"' comes from the top-level
# "volumes: config:" entry in the compose file shown on this page; the service itself
# uses the ./config bind mount, so that named volume stays unused.
# NOTE(review): once the container is up, the web console on port 5380 is reachable over
# plain HTTP — set a strong admin password right away and limit who can reach that port.
root@masadmin:/data/docker/technitium# docker-compose up -d
Creating network "technitium_default" with the default driver
Creating volume "technitium_config" with default driver
Pulling dns-server (technitium/dns-server:latest)...
latest: Pulling from technitium/dns-server
759700526b78: Pull complete
cafd06d60458: Pull complete
d92bd1997582: Pull complete
683b358f9ab0: Pull complete
a85de7405299: Pull complete
c9bb81fc486a: Pull complete
d609e597299e: Pull complete
92110e1714fa: Pull complete
b102f19d104c: Pull complete
Digest: sha256:535786e3f2c98c8159d7747f0db66cbb182aad41e94ef431bc91ebb384a4c32a
Status: Downloaded newer image for technitium/dns-server:latest
Creating dns-server ... Starting dns-server ... done
root@masadmin:/data/docker/technitium# sudo systemctl stop systemd-resolved root@masadmin:/data/docker/technitium# sudo systemctl disable systemd-resolved Removed /etc/systemd/system/multi-user.target.wants/systemd-resolved.service. Removed /etc/systemd/system/dbus-org.freedesktop.resolve1.service. root@masadmin:/data/docker/technitium#
root@masadmin:/data/docker/technitium# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 689a660d1001 technitium/dns-server:latest "/usr/bin/dotnet /op…" 27 minutes ago Up 26 minutes 80/tcp, 67/udp, 443/tcp, 443/udp, 0.0.0.0:53->53/tcp, :::53->53/tcp, 853/tcp, 8053/tcp, 0.0.0.0:5380->5380/tcp, 0.0.0.0:53->53/udp, :::5380->5380/tcp, :::53->53/udp, 853/udp, 53443/tcp dns-server root@masadmin:/data/docker/technitium# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE technitium/dns-server latest 6aa0f9acc054 5 days ago 258MB root@masadmin:/data/docker/technitium#