Distroless Alpine Linux Based Recursive Unbound DNS Resolver Docker Image

madnuttah · March 18, 2024, 1:24pm

Hey there,

I didn't want to revive my already over 2-year old thread about my recursive Unbound upstream resolver for Pi-hole. I think the evolution of this image deserves a whole new topic. If not feel free to remove or to merge. Thank you .

Why would one need an own recursive upstream resolver for Pi-hole?

Hands down, the best description comes from the Pi-hole folks themselves:

The problem: Whom can you trust? Recently, more and more small (and not so small) DNS upstream providers have appeared on the market, advertising free and private DNS service, but how can you know that they keep their promises? Right, you can't.
Furthermore, from the point of an attacker, the DNS servers of larger providers are very worthwhile targets, as they only need to poison one DNS server, but millions of users might be affected. Instead of your bank's actual IP address, you could be sent to a phishing site hosted on some island. This scenario has already happened and it isn't unlikely to happen again...
When you operate your own (tiny) recursive DNS server, then the likeliness of getting affected by such an attack is greatly reduced.

What happened to the former image?

In addition to the usual updates and maintenance of the image, it bobbled along until shortly before the release of Unbound 1.19.1. Right up to the point when an attentive GitHub user pointed out to me that the image could not provide a secure chroot environment. After some adjustments here and there, it worked again in my lab environment, but I had been looking towards a distroless image under Alpine Linux for a long time, preferrably with my usual and already customized dockerfiles and configs since there was a user base already. This was the perfect opportunity to completely rethink everything and also to implement the precious suggestions this attentive user made.

Why distroless?

Imagine a critical system like a DNS server being compromised; with an underlying, possibly inadequately maintained, yet fully functional operating system providing a substantial attack surface supplemented by various nifty tools that could be exploited or even installed by someone with malicious intent.

Well, it seems like it became probably the most innovative and advanced Unbound Docker image currently available - created with great attention to details and modeled according to the principles of "best practice".

Feature	Supported
Single-layer distroless scratch image running Alpine Linux	yes
Unprivileged user	yes
Unprivileged port (privileged possible)	yes
Custom UID/GID enviroment variables	yes
Per hardware architecture optimized & CD built OpenSSL build environment	yes
Libevent	yes
Recursive DNS as default	yes
DNSSEC	yes
DNSCrypt	yes
DNSTap	yes
DNS64	yes
DNS over HTTPS	yes
DNS over TLS	yes
Redis via UNIX Socket	yes
Optional privacy respecting & meaningful healthcheck	yes
Optional Unbound statistics for Grafana via Zabbix utilizing on-board means	yes

If you use Unbound, be sure to use Redis as your persistent cache! And then preferably also via Unix Socket for maximum performance.

In the last few days, I have changed the pipeline so that the image is automatically updated via my bot madnuttah-bot when an Unbound update has been released, pushed to Docker Hub, tagged and released with the required signing according to my GitHub repo's strict security policies. My reintroduced optimized and hardened OpenSSL build environment is built in the same way. I still can't believe 'someone else' is doing the chores for me...

I tried to document all the things as good as possible.

In case you dig statistics as much as I do, please have a look at my companion project Unbound Statistics, which transfers Unbound statistics without any additional tools to Zabbix using on-board means via an Active Agent and can then be displayed in Grafana.

Speaking for myself as a developer, I am grateful for you attentive users, only through you are such improvements and changes possible. So that things can be created that are far better than you would have thought possible.

sally · March 26, 2024, 10:41pm

@madnuttah

Thank you for posting this,
I am not familiar with Alpine linux, but if I understand, I could test this simply by spinning it up as a Proxmox image.

I understand Alpine is not a supported OS, but has a very small footprint.

What Proxmox settings would you recommend? Would 512 MB RAM and 4GB disk space work?

madnuttah · March 27, 2024, 5:55am

Hi and thanks for your question. Yes, this will be sufficient as the image was designed to run on less powerful and also older hardware architectures.

If you have any questions, I'm happy to answer them.

Cheers.

sally · March 27, 2024, 8:31pm

Thank you for your help.I think I am lost

so I created a Proxmox VM container using alpine 3.18

/usr # docker pull madnuttah/unbound
Using default tag: latest
latest: Pulling from madnuttah/unbound
Digest: sha256:cb91ced085308c278d39ebd59fb2cff8dacb10915a1b330e87cfd78a694d13dd
Status: Image is up to date for madnuttah/unbound:latest
docker.io/madnuttah/unbound:latest

After that I just kept getting errors

I ran unbound with the custom unbound.conf

unbound -c /usr/local/unbound/unbound.conf

/usr/local/unbound/unbound.conf:2227: error: unknown keyword '>Docs</a>'
/usr/local/unbound/unbound.conf:2228: error: unknown keyword '</li>'
/usr/local/unbound/unbound.conf:2230: error: unknown keyword '<li'
/usr/local/unbound/unbound.conf:2230: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2230: error: stray '"'
/usr/local/unbound/unbound.conf:2230: error: unknown keyword 'mx-2'
/usr/local/unbound/unbound.conf:2230: error: stray '"'
/usr/local/unbound/unbound.conf:2230: error: unknown keyword '>'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword '<a'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'data-analytics-event='
/usr/local/unbound/unbound.conf:2231: error: stray '"'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword '{&quot;category&quot;'
/usr/local/unbound/unbound.conf:2231: error: stray ':'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword '&quot;Footer&quot;,&quot;action&quot;'
/usr/local/unbound/unbound.conf:2231: error: stray ':'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword '&quot;go'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'to'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'contact&quot;,&quot;label&quot;'
/usr/local/unbound/unbound.conf:2231: error: stray ':'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword '&quot;text'
/usr/local/unbound/unbound.conf:2231: error: stray ':'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'contact&quot;}'
/usr/local/unbound/unbound.conf:2231: error: stray '"'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'href='
/usr/local/unbound/unbound.conf:2231: error: stray '"'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'https'
/usr/local/unbound/unbound.conf:2231: error: stray ':'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword '//support.github.com?tags=dotcom-footer'
/usr/local/unbound/unbound.conf:2231: error: stray '"'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'data-view-component='
/usr/local/unbound/unbound.conf:2231: error: stray '"'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'true'
/usr/local/unbound/unbound.conf:2231: error: stray '"'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2231: error: stray '"'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'Link--secondary'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword 'Link'
/usr/local/unbound/unbound.conf:2231: error: stray '"'
/usr/local/unbound/unbound.conf:2231: error: unknown keyword '>Contact</a>'
/usr/local/unbound/unbound.conf:2232: error: unknown keyword '</li>'
/usr/local/unbound/unbound.conf:2234: error: unknown keyword '<li'
/usr/local/unbound/unbound.conf:2234: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2234: error: stray '"'
/usr/local/unbound/unbound.conf:2234: error: unknown keyword 'mx-2'
/usr/local/unbound/unbound.conf:2234: error: stray '"'
/usr/local/unbound/unbound.conf:2234: error: unknown keyword '>'
/usr/local/unbound/unbound.conf:2235: error: unknown keyword '<cookie-consent-link>'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword '<button'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'type='
/usr/local/unbound/unbound.conf:2236: error: stray '"'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'button'
/usr/local/unbound/unbound.conf:2236: error: stray '"'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2236: error: stray '"'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'Link--secondary'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'underline-on-hover'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'border-0'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'p-0'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'color-bg-transparent'
/usr/local/unbound/unbound.conf:2236: error: stray '"'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'data-action='
/usr/local/unbound/unbound.conf:2236: error: stray '"'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'click'
/usr/local/unbound/unbound.conf:2236: error: stray ':'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword 'cookie-consent-link#showConsentManagement'
/usr/local/unbound/unbound.conf:2236: error: stray '"'
/usr/local/unbound/unbound.conf:2236: error: unknown keyword '>'
/usr/local/unbound/unbound.conf:2237: error: unknown keyword 'Manage'
/usr/local/unbound/unbound.conf:2237: error: unknown keyword 'cookies'
/usr/local/unbound/unbound.conf:2238: error: unknown keyword '</button>'
/usr/local/unbound/unbound.conf:2239: error: unknown keyword '</cookie-consent-link>'
/usr/local/unbound/unbound.conf:2240: error: unknown keyword '</li>'
/usr/local/unbound/unbound.conf:2242: error: unknown keyword '<li'
/usr/local/unbound/unbound.conf:2242: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2242: error: stray '"'
/usr/local/unbound/unbound.conf:2242: error: unknown keyword 'mx-2'
/usr/local/unbound/unbound.conf:2242: error: stray '"'
/usr/local/unbound/unbound.conf:2242: error: unknown keyword '>'
/usr/local/unbound/unbound.conf:2243: error: unknown keyword '<cookie-consent-link>'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword '<button'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'type='
/usr/local/unbound/unbound.conf:2244: error: stray '"'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'button'
/usr/local/unbound/unbound.conf:2244: error: stray '"'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2244: error: stray '"'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'Link--secondary'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'underline-on-hover'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'border-0'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'p-0'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'color-bg-transparent'
/usr/local/unbound/unbound.conf:2244: error: stray '"'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'data-action='
/usr/local/unbound/unbound.conf:2244: error: stray '"'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'click'
/usr/local/unbound/unbound.conf:2244: error: stray ':'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword 'cookie-consent-link#showConsentManagement'
/usr/local/unbound/unbound.conf:2244: error: stray '"'
/usr/local/unbound/unbound.conf:2244: error: unknown keyword '>'
/usr/local/unbound/unbound.conf:2245: error: unknown keyword 'Do'
/usr/local/unbound/unbound.conf:2245: error: unknown keyword 'not'
/usr/local/unbound/unbound.conf:2245: error: unknown keyword 'share'
/usr/local/unbound/unbound.conf:2245: error: unknown keyword 'my'
/usr/local/unbound/unbound.conf:2245: error: unknown keyword 'personal'
/usr/local/unbound/unbound.conf:2245: error: unknown keyword 'information'
/usr/local/unbound/unbound.conf:2246: error: unknown keyword '</button>'
/usr/local/unbound/unbound.conf:2247: error: unknown keyword '</cookie-consent-link>'
/usr/local/unbound/unbound.conf:2248: error: unknown keyword '</li>'
/usr/local/unbound/unbound.conf:2250: error: unknown keyword '</ul>'
/usr/local/unbound/unbound.conf:2251: error: unknown keyword '</nav>'
/usr/local/unbound/unbound.conf:2252: error: unknown keyword '</div>'
/usr/local/unbound/unbound.conf:2253: error: unknown keyword '</footer>'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword '<cookie-consent'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'id='
/usr/local/unbound/unbound.conf:2258: error: stray '"'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'cookie-consent-banner'
/usr/local/unbound/unbound.conf:2258: error: stray '"'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2258: error: stray '"'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'position-fixed'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'bottom-0'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'left-0'
/usr/local/unbound/unbound.conf:2258: error: stray '"'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'style='
/usr/local/unbound/unbound.conf:2258: error: stray '"'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'z-index'
/usr/local/unbound/unbound.conf:2258: error: stray ':'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword '999999'
/usr/local/unbound/unbound.conf:2258: error: stray '"'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'data-initial-cookie-consent-allowed='
/usr/local/unbound/unbound.conf:2258: error: stray '"'
/usr/local/unbound/unbound.conf:2258: error: stray '"'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'data-cookie-consent-required='
/usr/local/unbound/unbound.conf:2258: error: stray '"'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword 'false'
/usr/local/unbound/unbound.conf:2258: error: stray '"'
/usr/local/unbound/unbound.conf:2258: error: unknown keyword '></cookie-consent>'
/usr/local/unbound/unbound.conf:2261: error: unknown keyword '<div'
/usr/local/unbound/unbound.conf:2261: error: unknown keyword 'id='
/usr/local/unbound/unbound.conf:2261: error: stray '"'
/usr/local/unbound/unbound.conf:2261: error: unknown keyword 'ajax-error-message'
/usr/local/unbound/unbound.conf:2261: error: stray '"'
/usr/local/unbound/unbound.conf:2261: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2261: error: stray '"'
/usr/local/unbound/unbound.conf:2261: error: unknown keyword 'ajax-error-message'
/usr/local/unbound/unbound.conf:2261: error: unknown keyword 'flash'
/usr/local/unbound/unbound.conf:2261: error: unknown keyword 'flash-error'
/usr/local/unbound/unbound.conf:2261: error: stray '"'
/usr/local/unbound/unbound.conf:2261: error: unknown keyword 'hidden>'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword '<svg'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'aria-hidden='
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'true'
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'height='
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'viewBox='
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'version='
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword '1.1'
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'width='
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'data-view-component='
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'true'
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'octicon'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword 'octicon-alert'
/usr/local/unbound/unbound.conf:2262: error: stray '"'
/usr/local/unbound/unbound.conf:2262: error: unknown keyword '>'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '<path'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword 'd='
/usr/local/unbound/unbound.conf:2263: error: stray '"'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword 'M6.457'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1.047c.659-1.234'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '2.427-1.234'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '3.086'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0l6.082'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '11.378A1.75'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1.75'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '14.082'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '15H1.918a1.75'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1.75'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1-1.543-2.575Zm1.763.707a.25.25'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0-.44'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0L1.698'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '13.132a.25.25'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '.22.368h12.164a.25.25'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '.22-.368Zm.53'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '3.996v2.5a.75.75'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1-1.5'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0v-2.5a.75.75'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1.5'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0ZM9'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '11a1'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1-2'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '2'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '0Z'
/usr/local/unbound/unbound.conf:2263: error: stray '"'
/usr/local/unbound/unbound.conf:2263: error: unknown keyword '></path>'
/usr/local/unbound/unbound.conf:2264: error: unknown keyword '</svg>'
/usr/local/unbound/unbound.conf:2265: error: unknown keyword '<button'
/usr/local/unbound/unbound.conf:2265: error: unknown keyword 'type='
/usr/local/unbound/unbound.conf:2265: error: stray '"'
/usr/local/unbound/unbound.conf:2265: error: unknown keyword 'button'
/usr/local/unbound/unbound.conf:2265: error: stray '"'
/usr/local/unbound/unbound.conf:2265: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2265: error: stray '"'
/usr/local/unbound/unbound.conf:2265: error: unknown keyword 'flash-close'
/usr/local/unbound/unbound.conf:2265: error: unknown keyword 'js-ajax-error-dismiss'
/usr/local/unbound/unbound.conf:2265: error: stray '"'
/usr/local/unbound/unbound.conf:2265: error: unknown keyword 'aria-label='
/usr/local/unbound/unbound.conf:2265: error: stray '"'
/usr/local/unbound/unbound.conf:2265: error: unknown keyword 'Dismiss'
/usr/local/unbound/unbound.conf:2265: error: unknown keyword 'error'
/usr/local/unbound/unbound.conf:2265: error: stray '"'
/usr/local/unbound/unbound.conf:2265: error: unknown keyword '>'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword '<svg'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'aria-hidden='
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'true'
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'height='
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'viewBox='
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'version='
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword '1.1'
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'width='
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'data-view-component='
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'true'
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'octicon'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword 'octicon-x'
/usr/local/unbound/unbound.conf:2266: error: stray '"'
/usr/local/unbound/unbound.conf:2266: error: unknown keyword '>'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '<path'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword 'd='
/usr/local/unbound/unbound.conf:2267: error: stray '"'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword 'M3.72'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '3.72a.75.75'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '1.06'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0L8'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '6.94l3.22-3.22a.749.749'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '1.275.326.749.749'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '1-.215.734L9.06'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '8l3.22'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '3.22a.749.749'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '1-.326'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '1.275.749.749'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '1-.734-.215L8'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '9.06l-3.22'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '3.22a.751.751'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '1-1.042-.018.751.751'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '1-.018-1.042L6.94'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '8'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '3.72'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '4.78a.75.75'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2267: error: unknown keyword '0'

/usr/local/unbound/unbound.conf:2308: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2308: error: unknown keyword '.25-.25v-7.5a.25.25'
/usr/local/unbound/unbound.conf:2308: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2308: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2308: error: unknown keyword '0-.25-.25Z'
/usr/local/unbound/unbound.conf:2308: error: stray '"'
/usr/local/unbound/unbound.conf:2308: error: unknown keyword '></path>'
/usr/local/unbound/unbound.conf:2309: error: unknown keyword '</svg>'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword '<svg'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'aria-hidden='
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'true'
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'height='
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'viewBox='
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'version='
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword '1.1'
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'width='
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword '16'
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'data-view-component='
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'true'
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'octicon'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'octicon-check'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'js-clipboard-check-icon'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'color-fg-success'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword 'd-none'
/usr/local/unbound/unbound.conf:2310: error: stray '"'
/usr/local/unbound/unbound.conf:2310: error: unknown keyword '>'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '<path'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword 'd='
/usr/local/unbound/unbound.conf:2311: error: stray '"'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword 'M13.78'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '4.22a.75.75'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '1.06l-7.25'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '7.25a.75.75'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '1-1.06'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0L2.22'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '9.28a.751.751'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '.018-1.042.751.751'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '1.042-.018L6'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '10.94l6.72-6.72a.75.75'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '1'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '1.06'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '0Z'
/usr/local/unbound/unbound.conf:2311: error: stray '"'
/usr/local/unbound/unbound.conf:2311: error: unknown keyword '></path>'
/usr/local/unbound/unbound.conf:2312: error: unknown keyword '</svg>'
/usr/local/unbound/unbound.conf:2313: error: unknown keyword '</clipboard-copy>'
/usr/local/unbound/unbound.conf:2314: error: unknown keyword '</div>'
/usr/local/unbound/unbound.conf:2315: error: unknown keyword '</template>'
/usr/local/unbound/unbound.conf:2320: error: unknown keyword '</div>'
/usr/local/unbound/unbound.conf:2322: error: unknown keyword '<div'
/usr/local/unbound/unbound.conf:2322: error: unknown keyword 'id='
/usr/local/unbound/unbound.conf:2322: error: stray '"'
/usr/local/unbound/unbound.conf:2322: error: unknown keyword 'js-global-screen-reader-notice'
/usr/local/unbound/unbound.conf:2322: error: stray '"'
/usr/local/unbound/unbound.conf:2322: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2322: error: stray '"'
/usr/local/unbound/unbound.conf:2322: error: unknown keyword 'sr-only'
/usr/local/unbound/unbound.conf:2322: error: stray '"'
/usr/local/unbound/unbound.conf:2322: error: unknown keyword 'aria-live='
/usr/local/unbound/unbound.conf:2322: error: stray '"'
/usr/local/unbound/unbound.conf:2322: error: unknown keyword 'polite'
/usr/local/unbound/unbound.conf:2322: error: stray '"'
/usr/local/unbound/unbound.conf:2322: error: unknown keyword 'aria-atomic='
/usr/local/unbound/unbound.conf:2322: error: stray '"'
/usr/local/unbound/unbound.conf:2322: error: unknown keyword 'true'
/usr/local/unbound/unbound.conf:2322: error: stray '"'
/usr/local/unbound/unbound.conf:2322: error: unknown keyword '></div>'
/usr/local/unbound/unbound.conf:2323: error: unknown keyword '<div'
/usr/local/unbound/unbound.conf:2323: error: unknown keyword 'id='
/usr/local/unbound/unbound.conf:2323: error: stray '"'
/usr/local/unbound/unbound.conf:2323: error: unknown keyword 'js-global-screen-reader-notice-assertive'
/usr/local/unbound/unbound.conf:2323: error: stray '"'
/usr/local/unbound/unbound.conf:2323: error: unknown keyword 'class='
/usr/local/unbound/unbound.conf:2323: error: stray '"'
/usr/local/unbound/unbound.conf:2323: error: unknown keyword 'sr-only'
/usr/local/unbound/unbound.conf:2323: error: stray '"'
/usr/local/unbound/unbound.conf:2323: error: unknown keyword 'aria-live='
/usr/local/unbound/unbound.conf:2323: error: stray '"'
/usr/local/unbound/unbound.conf:2323: error: unknown keyword 'assertive'
/usr/local/unbound/unbound.conf:2323: error: stray '"'
/usr/local/unbound/unbound.conf:2323: error: unknown keyword 'aria-atomic='
/usr/local/unbound/unbound.conf:2323: error: stray '"'
/usr/local/unbound/unbound.conf:2323: error: unknown keyword 'true'
/usr/local/unbound/unbound.conf:2323: error: stray '"'
/usr/local/unbound/unbound.conf:2323: error: unknown keyword '></div>'
/usr/local/unbound/unbound.conf:2324: error: unknown keyword '</body>'
/usr/local/unbound/unbound.conf:2325: error: unknown keyword '</html>'
read /usr/local/unbound/unbound.conf failed: 34360 errors in configuration file
[1711571428] unbound[1102:0] fatal error: Could not read config file: /usr/local/unbound/unbound.conf. Maybe try unbound -dd, it stays on the commandline to see more errors, or unbound-checkconf

madnuttah · March 28, 2024, 5:56am

Please download the image's "raw" unbound.conf https:// raw.githubusercontent.com/madnuttah/unbound-docker/main/unbound/root/usr/local/unbound/unbound.conf. It looks like your unbound tries to devour a html page.

lokamaya · April 15, 2024, 10:02am

Is this support arm64? I would like to install it on Mikrotik container.

Thanks

rdwebdesign · April 15, 2024, 3:55pm

This one is not Alpine based.

It is 100% Distroless:

madnuttah · April 15, 2024, 6:54pm

Yes, my image is a multiarch distroless scratch image running alpine binaries. It will run on any armv7, arm64, amd64 and even 386 hardware architecture.

madnuttah · April 15, 2024, 7:00pm

Looking at this it seems you're wrong.

rdwebdesign · April 15, 2024, 7:56pm

Hmmm... You're right. I never saw that comment.

I based my comment on the README text:

Note that this image is distroless!

Anyway, this image also fits the same "Distroless Alpine Linux Based" category mentioned in the topic title.

I just added the link to this image because I know it supports arm64 (asked above), but now I see your image also supports it.

Albertux · July 22, 2024, 9:53pm

I had a setup that I use docker pi-hole and the docker unbound here is the compose you might need to update the ip address if you have VMware or other tools


# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      #- "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
      - "80:80/tcp"
    environment:
      TZ: 'America/Los_Angeles'
      WEBPASSWORD: ‘password'
      PIHOLE_DNS_: '172.18.0.1#5335'
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    #cap_add:
    #  - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
    restart: unless-stopped
    extra_hosts:
      - "host.docker.internal:host-gateway"
    depends_on:
      - unbound
  unbound:
    container_name: unbound
    image: mvance/unbound:latest
    ports:
      - "5335:53/tcp"
      - "5335:53/udp"
    restart: unless-stopped